Awesome Stars

A curated list of my GitHub stars! Generated by starred

ASP
Arduino
Assembly
AutoHotkey
AutoIt
Batchfile
C
C#
C++
CSS
CoffeeScript
Dockerfile
Emacs Lisp
Erlang
Game Maker Language
Go
HTML
Haskell
Java
JavaScript
Jupyter Notebook
KiCad
Kotlin
Logos
Lua
M
Makefile
Markdown
Mask
Max
Nginx
Objective-C
Objective-C++
Others
PHP
PLpgSQL
Pascal
Perl
PostScript
PowerShell
Python
Rich Text Format
Roff
Ruby
Rust
Shell
Smali
Smarty
SourcePawn
Swift
TSQL
Tcl
TeX
TypeScript
Vim script
VimL
Visual Basic
Vue
XSLT
YARA
Zeek
nesC

ASP

webshell-detect-bypass - 绕过专业工具检测的Webshell研究文章和免杀的Webshell

Arduino

MissionControl - This kids' homework desk has top that flips up to reveal a space-themed control panel.
wifi_keylogger - DIY Arduino Wi-Fi Keylogger (Proof of Concept)

Assembly

windows-syscall-table - windows syscall table from xp ~ 10 rs4

AutoHotkey

runz - RunZ，专业的快速启动工具
smpic - Windows下面的SM.MS图床上传工具
qimage-win - Windows 版本 Markdown 一键贴图工具，支持本地文件、截图、网络图片一键上传七牛云并返回图片引用，让 Markdown 中贴图变成一种享受。

AutoIt

my-chrome - MyChrome -- Make Google Chrome portable yourself

Batchfile

BurpSuite-collections - BurpSuite收集：包括不限于 Burp 文章、破解版、插件、汉化等相关教程，欢迎添砖加瓦
CISSP-Study-Guide - study material used for the 2018 CISSP exam
auto-add-routes - China Route for VPN
fuckcdn - CDN真实IP扫描，易语言开发
APTSimulator - A toolset to make a system look as if it was the victim of an APT attack
domain-admin-crack - 🌵 入域电脑用户本地提权
Disable-Intel-AMT - Tool to disable Intel AMT on Windows
fake-sandbox - This script will simulate fake processes of analysis sandbox/VM software that some malware will try to avoid.
ngrok-caddy - Script to run ngrok with (optional) caddy server

C

rifiuti2 - Windows Recycle Bin analyser
kloak - Keystroke-level online anonymization kernel: obfuscates typing behavior at the device level.
rdpscan - A quick scanner for the CVE-2019-0708 "BlueKeep" vulnerability.
cve-2019-5736-poc - Unweaponized Proof of Concept for CVE-2019-5736 (Docker escape)
HashCheck - HashCheck Shell Extension for Windows with added SHA2, SHA3, and multithreading; originally from code.kliu.org
zju-icicles - 浙江大学课程攻略共享计划
endlessh - SSH tarpit that slowly sends an endless banner
netfilter-full-cone-nat - A kernel module that turns MASQUERADE into full cone SNAT
HackSysExtremeVulnerableDriver - HackSys Extreme Vulnerable Windows Driver
BlockRDPBrute - [HIPS]RDP(3389)爆破防护
getshell - 各大平台提权工具
wazuh - Wazuh - Host and endpoint security
Introduction-to-Computer-Systems - Course : Introduction to Computer Systems
sway - i3-compatible Wayland compositor
fcn - free connect your private network from anywhere
badvpn - NCD scripting language, tun2socks proxifier, P2P VPN
UnixTools - 一些处理数据的Unix小工具，支持管道操作。
n2n - A development branch of the n2n p2p vpn software
DomainMegaBot - A domain name bulk search bot with support of over 200 top-level domains.
p0f-mtu - p0f with patches to save MTU value and export it via API (for VPN detection)
BinExp - Linux Binary Exploitation
fi6s - IPv6 network scanner designed to be fast
MacType-Patch - MacType Patch for DirectWrite Hook
RaspberryPiPkg - 64-bit Tiano Core UEFI for the Raspberry Pi 3 (with devices, Linux, NetBSD, FreeBSD and Windows on Arm!)
https_dns_proxy - A lightweight DNS-over-HTTPS proxy.
tpotce - 🍯 T-Pot Universal Installer and ISO Creator 🐝
axeldown-core - 基于axel-webm的优化项目. 通过webui调用axel进行下载
snort-rules - An UNOFFICIAL Git Repository of Snort Rules(R) Releases. Please visit http://blog.snort.org for the latest news about Snort
process-inject - 在Windows环境下的进程注入方法：远程线程注入、创建进程挂起注入、反射注入、APCInject、SetWindowHookEX注入
sumatrapdf - SumatraPDF reader
zogvm - zogna video manager
virgo - ♍💻💻💻💻 Virtual desktops for Windows
VwFirewall - 微盾®VirtualWall®防火墙整套源代码
netdata - Real-time performance monitoring, done right! https://my-netdata.io/
MBE - Course materials for Modern Binary Exploitation by RPISEC
execve_exploit - Hardcore corruption of my execve() vulnerability in WSL
Linux-NetSpeed - BBR+BBR魔改+Lotsever(锐速)一键脚本 for Centos/Debian/Ubuntu
ProcDump-for-Linux - A Linux version of the ProcDump Sysinternals tool
eoip - EoIP/EoIPv6 for Linux/FreeBSD/OpenBSD/Darwin
general - general mode via module loading
3proxy - 3proxy - tiny free proxy server
electra - Electra iOS 11.0 - 11.1.2 jailbreak toolkit based on async_awake
dnscrypt-proxy - DNSCrypt-Proxy repository, frankly maintained for what it does (no new features planned)
awesome-nginx - A curated list of awesome Nginx distributions, 3rd party modules, Active developers, etc.
MINT - Contains the definitions for the Windows Internal UserMode API from ntdll.dll, samlib.dll and winsta.dll.
AppProtect - 整理一些app常见的加固方法，包括java层、native层和资源文件加固等
CTF-All-In-One - CTF竞赛入门指南
vlmcsd - KMS Emulator in C (currently runs on Linux including Android, FreeBSD, Solaris, Minix, Mac OS, iOS, Windows with or without Cygwin)
navicat-keygen - A keygen for Navicat
motion - Motion, a software motion detector. Home page: https://motion-project.github.io/
mpv - 🎥 Video player based on MPlayer/mplayer2
tinc - a VPN daemon
wufuc - Disables the "Unsupported Hardware" message in Windows Update, and allows you to continue installing updates on Windows 7 and 8.1 systems with Intel Kaby Lake, AMD Ryzen, or other unsupported processors.
linux-exploit-development-tutorial - a series tutorial for linux exploit development to newbie.
krackattacks-test -
UACME - Defeating Windows User Account Control
tinyproxy - tinyproxy - a light-weight HTTP/HTTPS proxy daemon for POSIX operating systems
krackattacks-scripts -
icmp-backdoor - Backdoor that listens for specially crafted ICMP packets and spawns reverse shells.
KernelPCC - PCC is a new approach for TCP congestion control base on real-time performance analysis. This is a kernel implementation of it.
tcp_china - TCP China congestion control algorithm
AderXCoding - 介绍各类语言，库，系统编程以及算法的学习
tcpcopy - An online request replication tool, also a tcp stream replay tool, fit for real testing, performance testing, stability testing, stress testing, load testing, smoke testing, etc
Web-Application-Firewall - Designed and Implemented a Web Application Firewall as an Apache module that "sits" in-front of a web server. The WAF is designed to stop malicious requests from known attacks such as SQL Injection, XSS attacks and from unknown attacks by learning the legitimate traffic.
dsptunnel - IP over audio tunnel
unit - Unit 中文文档源，每 24 小时与官方同步。中文文档请点README_CN.md。
Pentest - tools
ngrok-c - ngrok client for c language,Due to the use of GO ngrok language development, porting to embedded devices some inconvenience, such as openwrt, so use C language rewrite a client. Very mini, the need to support polarssl library.
full-stack-developer - 🦊锁的前前后后工程师之路fighting
sniproxy - Proxies incoming HTTP and TLS connections based on the hostname contained in the initial request of the TCP session.
seafile - High performance file syncing and sharing, with also Markdown WYSIWYG editing, Wiki, file label and other knowledge management features.
WireGuard - Mirror only. Official repository is at https://git.zx2c4.com/WireGuard
tcpkit - A tool analyzes tcp packets with Lua
LocateIP - 高效的IP数据库解析库
net-speeder - net-speeder 在高延迟不稳定链路上优化单线程下载速度
vmware_escape - VMware Escape Exploit before VMware WorkStation 12.5.5
axel - Lightweight CLI download accelerator
dnsforwarder - Just a DNS utility.
kcp - KCP - A Fast and Reliable ARQ Protocol
gps-sdr-sim - Software-Defined GPS Signal Simulator
keepassxc-debian - Debian source package for the KeePassXC password manager.
Android_Kernel_CVE_POCs - A list of my CVE's with POCs
ios-kexec-utils - boot LLB/iBoot/iBSS/iBEC image from a jailbroken iOS kernel
filewatcher - A simple auditing utility for macOS
HSEVD-ArbitraryOverwrite - HackSys Extreme Vulnerable Driver - ArbitraryOverwrite Exploit
sudo-CVE-2017-1000367 -
kcptun-raw - Kcptun with raw socket and fake TCP headers.
Invoke-Vnc - Powershell VNC injector
icmptunnel - Transparently tunnel your IP traffic through ICMP echo and reply packets.
shujit - Java Just-in-Time Compiler for x86 processors
exploit-CVE-2017-7494 - SambaCry exploit and vulnerable container (CVE-2017-7494)
linux-4.8.0-netfilter_icmp - Anatomy of a linux kernel development
heap-exploitation - This book on heap exploitation is a guide to understanding the internals of glibc's heap and various attacks possible on the heap structure.
AD-control-paths - Active Directory Control Paths auditing and graphing tools
GoodbyeDPI - GoodbyeDPI—Passive Deep Packet Inspection blocker and Active DPI circumvention utility (for Windows)
pcileech - Direct Memory Access (DMA) Attack Software
DoubleAgent - Zero-Day Code Injection and Persistence Technique
wanakiwi - Automated wanadecrypt with key recovery if lucky
linux-kernel-exploits - linux-kernel-exploits Linux平台提权漏洞集合
oss-fuzz - OSS-Fuzz - continuous fuzzing of open source software
public-pentesting-reports - Curated list of public penetration test reports released by several consulting firms and academic security groups
Adafruit-GPIO-Halt - Press-to-halt program for headless Raspberry Pi. Similar functionality to the rpi_power_switch kernel module from the fbtft project, but easier to compile (no kernel headers needed).
mptunnel - MPUDP Tunnel (User space MultiPath UDP)
Rhme-2016 - Rhme2 challenge (2016)
UnmanagedPowerShell - Executes PowerShell from an unmanaged process
injectopi - A set of tutorials about code injection for Windows.
demos - Demos of various injection techniques found in malware
honggfuzz - Security oriented fuzzer with powerful analysis options. Supports evolutionary, feedback-driven fuzzing based on code coverage (software- and hardware-based)
post-exploitation - Post Exploitation Collection
smart7ec-scan-console - 基于Linux c开发的插件式扫描器(Python/lua)
esp8266_deauther - Scan for WiFi devices, block selected connections, create dozens of networks and confuse WiFi scanners!
eaphammer - Targeted evil twin attacks against WPA2-Enterprise networks. Indirect wireless pivots using hostile portal attacks.
Unix-Privilege-Escalation-Exploits-Pack - Exploits for getting local root on Linux, BSD, AIX, HP-UX, Solaris, RHEL, SUSE etc.
scap - Network Sniffer (Scan and Capture Incoming Packets)
StringBleed-CVE-2017-5135 - Stringbleed The CVE 2017-5135 SNMP authentication bypass, created and reserved for this issue, vulnerability type: Incorrect Access Control.
ncrack - Ncrack network authentication tool
windows-kernel-exploits - windows-kernel-exploits Windows平台提权漏洞集合
Android-Inline-Hook - thumb16 thumb32 arm32 inlineHook in Android
cve-2015-6639 - QSEE Privilege Escalation Exploit using PRDiag* commands (CVE-2015-6639)
inetutils - the copy of https://git.savannah.gnu.org/cgit/inetutils.git/ with knali support
mtr - Official repository for mtr, a network diagnostic tool
libproofofwork - Simple hash-mining c library and its python binding.
wifi_crack_windows - wifi crack project for windows
NTDSDumpEx - NTDS.dit offline dumper with non-elevated
android_security - Public Android Vulnerability Information (CVE PoCs etc)
winafl - A fork of AFL for fuzzing Windows binaries
f-stack - F-Stack is an user space network development kit with high performance based on DPDK, FreeBSD TCP/IP stack and coroutine API.
pentestkoala - Modified dropbear server which acts as a client and allows authless login
JohnTheRipper - This is the official repo for John the Ripper, "Jumbo" version. The "bleeding-jumbo" branch is based on 1.9.0-Jumbo-1 which was released on May 14, 2019. An import of the "core" version of john this jumbo was based on (or newer) is found in the "master" branch (CVS: https://cvsweb.openwall.com/cgi/cvsweb.cgi/Owl/packages/john/john/src/).
firejail - Linux namespaces and seccomp-bpf sandbox
SE315-OperatingSystem - SJTU-SE315 Operating System labs from MIT 6.828, by a SE12er.
passivedns - A network sniffer that logs all DNS server replies for use in a passive DNS setup
wifi_ducky - Upload, save and run keystroke injection payloads with an ESP8266 + ATMEGA32U4
android_kernel_crash_poc -
USG - The USG is Good, not Bad
ossec-hids - OSSEC is an Open Source Host-based Intrusion Detection System that performs log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response.
mimipenguin - A tool to dump the login password from the current linux user
How-to-Make-a-Computer-Operating-System - How to Make a Computer Operating System in C++
Learn-Algorithms - 算法学习笔记
wrk - Modern HTTP benchmarking tool

C#

Netch - Game accelerator. Support Socks5, Shadowsocks, ShadowsocksR, V2Ray protocol. UDP NAT FullCone
BypassAV-AllThings -
USBCopyer - 😉 用于在插上U盘后自动按需复制该U盘的文件。”备份&偷U盘文件的神器”（写作USBCopyer，读作USBCopier）
WebSiteOutlook - 🍅冲出你的窗口，free ss/ssr/vmess分享、IPFS、暗网及蹭网教程、Git镜像等其他资源存储库
Grouper2 - Find vulnerabilities in AD Group Policy
SharpBox - SharpBox is a C# tool for compressing, encrypting, and exfiltrating data to DropBox using the DropBox API.
Destroy-Windows-10-Spying - Destroy Windows Spying tool
EventLogParser - Parse PowerShell and Security event logs for sensitive information.
IISPowershellModule - IIS Handler for *.ps1 files
YaVipCore - Net Core Music Interface
Navicat_Keygen - A keygen for Navicat
duplicati - Store securely encrypted backups in the cloud!
kcptun-gui-windows - GUI for kcptun (https://github.com/xtaci/kcptun). (Need .NET framework 4.5)
CTFtools - 本项目主要搜集一些关于信息安全攻防相关的知识与工具，便于个人的渗透工作。
TestBaiduPassword - 百度网盘分享文件密码测试器
greenshot - Greenshot for Windows - Report bugs & features go here: https://greenshot.atlassian.net or look for information on:
JCS - Joomla Vulnerability Component Scanner
Locale-Emulator - Yet Another System Region and Language Simulator
WSSAT - WEB SERVICE SECURITY ASSESSMENT TOOL
ShareX - ShareX is a free and open source program that lets you capture or record any area of your screen and share it with a single press of a key. It also allows uploading images, text or other types of files to many supported destinations you can choose from.
SimpleDnsCrypt - A simple management tool for dnscrypt-proxy
Destroy-Windows-10-Spying - Destroy Windows Spying tool
PenCrawLer - An Advanced Web Crawler and DirBuster
pentestscripts - 白名单利用代码、渗透工具
WGestures - Modern mouse gestures for Windows. (C#)
Knowte - Note taking
MediaPortal-2 - Development of MediaPortal 2
VindicateTool - LLMNR/NBNS/mDNS Spoofing Detection Toolkit
NFCGUI - NFCGUI 一个万恶的无聊的Windows图形界面！ GUI for libnfc
DbgShell - A PowerShell front-end for the Windows debugger engine.
GitHubFolderDownloader - It lets you to download a single folder of a repository without cloning or downloading the whole repository.
adbGUI - Wrapper for Android Debug Bridge (ADB) written in C#
ApkToolBox - ApkTool Box，Apk集成反编译工具箱
mV2RayConfig -
UPnP-Pentest-Toolkit - UPnP Pentest Toolkit for Windows
KeeTrayTOTP - Fork of the Tray TOTP Plugin for KeePass2.
KeePassQRCodeView - KeePass 2.x plugin which shows QR Codes for entry fields.
ShellLink - A .NET Class Library for processing ShellLink (LNK) files
V2RayW - GUI for v2ray-core on Windows
FangMomFucker - FangMomFucker 原作者代码的备份
SyncTrayzor - Windows tray utility / filesystem watcher / launcher for Syncthing
PSAttack - A portable console aimed at making pentesting with PowerShell a little easier.
RunShellcode - .NET GUI program that runs shellcode
ChromeUpdater - :)
Arthas-WPFUI - WPF 控件库，支持 .Net Core 3.0 Preview & .Net 4.6.1
ChromeAutoUpdate - 一个自动更新chrome的小工具
7Zip4Powershell - Powershell module for creating and extracting 7-Zip archives
PowerShdll - Run PowerShell with rundll32. Bypass software restrictions.
CASCExplorer - CASCExplorer
WopiHost - Office Online Server Wopi Host implement, No need Cobalt. Support DOCX, XLSX, PPTX online editing.
cve-2017-7269-tool - CVE-2017-7269 to webshell or shellcode loader
Social-Engineering-Payloads - Collection of social engineering payloads
windows_pentest_tools - My pentest tools used two years ago. Part1
R10 - Lightweight Ransomware @Choudai
awesome-dotnet-core - 🐝 A collection of awesome .NET core libraries, tools, frameworks and software
Windows-Event-Log-Messages - Retrieves the definitions of Windows Event Log messages embedded in Windows binaries and provides them in discoverable formats. #nsacyber
Phalanger - PHP 5.4 compiler for .NET/Mono frameworks. Phalanger compiles legacy PHP code to MSIL while being fully compatible with PHP behavior.
cs2php - C# to PHP compiler
SSMSPwd - SQL Server Management Studio(SSMS) saved password dumper
flatpipes - A TCP proxy over named pipes. Originally created for maintaining a meterpreter session over 445 for less network alarms.
KeeAnywhere - A cloud storage provider plugin for KeePass
sandbox-attacksurface-analysis-tools - Set of tools to analyze and attack Windows sandboxes.
SuperSQLInjectionV1 - 超级SQL注入工具（SSQLInjection）是一款基于HTTP协议自组包的SQL注入工具,采用C#开发，直接操作TCP会话来进行HTTP交互，支持出现在HTTP协议任意位置的SQL注入，支持各种类型的SQL注入，支持HTTPS模式注入；支持以盲注、错误显示、Union注入等方式来获取数据；支持Access/MySQL/SQLServer/Oracle/PostgreSQL/DB2/SQLite/Informix等数据库；支持手动灵活的进行SQL注入绕过，可自定义进行字符替换等绕过注入防护。本工具为渗透测试人员、信息安全工程师等掌握SQL注入技能的人员设计，需要使用人员对SQL注入有一定了解。
Altman - the cross platform webshell tool in .NET
Altman - the cross platform webshell tool in .NET
Windows-Hacks - Creative and unusual things that can be done with the Windows API.
Cowboy - Cowboy.Sockets is a C# library for building sockets based services.
MongoCola - A MongoDB Administration Tool

C++

rssguard - RSS Guard is simple (yet powerful) feed reader. This is the official project repository.
raven - CobaltStrike External C2 for Websockets
SimpleRemoter - 基于gh0st的远程控制器：实现了终端管理、进程管理、窗口管理、远程桌面、文件管理、语音管理、视频管理、服务管理、注册表管理等功能，优化全部代码及整理排版，修复内存泄漏缺陷，程序运行稳定。此项目初版见：https://github.com/zibility/Remote
Clover - 我的黑苹果配置列表
srs - SRS is a simple live streaming cluster, a simple joy.
Dir_Scan_ByQT5 - qt实现仿御剑风格路径扫描工具，增加延时，代理池Bypass功能，同时支持批量扫描，附带简单whois信息搜集与端口扫描模块，界面更加美观。
SdoKeyCrypt-sys-local-privilege-elevation - CVE-2019-9729
pbb_crack - PBB视频解密
KikoPlay - KikoPlay - A Full-Featured Danmu Player 全功能弹幕播放器
Arma-III-Chinese-Localization-Enhanced - 武裝行動3(Arma 3)官方中文潤飾、加強、在地化翻譯模組。
TrafficMonitor - 这是一个用于显示当前网速、CPU及内存利用率的桌面悬浮窗软件，并支持任务栏显示，支持更换皮肤。
TranslucentTB - A lightweight utility that makes the Windows taskbar translucent/transparent.
mactype - Better font rendering for Windows.
fu - Cross-platform(win/mac/linux) app that allows user to upload images/files in Clipboard to a remote server in exchange for corresponding url with one simple click
PCShare - PCShare是一款强大的远程控制软件，可以监视目标机器屏幕、注册表、文件系统等。
gqrx - Software defined radio receiver powered by GNU Radio and Qt.
gnuradio - GNU Radio
MS16-032 - MS16-032(CVE-2016-0099) for SERVICE ONLY
quickviewer - A image/comic viewer application for Windows, Mac and Linux, it can show images very fast
nysocks - Nysocks binds kcp and libuv to provide an aggressive tcp tunnel in nodejs.
vnote - A note-taking application that knows programmers and Markdown better.
BatchRunTrayTool - A tray tool under windows to open any file by system default or any executable program.
CommandTrayHost - A command line program monitor systray for Windows
fatcat - FAT filesystems explore, extract, repair, and forensic tool
DNS-Persist - DNS-Persist is a post-exploitation agent which uses DNS for command and control.
tinyfecVPN - A VPN Designed for Lossy Links, with Build-in Forward Error Correction(FEC) Support. Improves your Network Quality on a High-latency Lossy Link.
UDPspeeder - A Tunnel which Improves your Network Quality on a High-latency Lossy Link by using Forward Error Correction,for All Traffics(TCP/UDP/ICMP)
Exploit-CVE-2017-6008 - Exploits for CVE-2017-6008, a kernel pool buffer overflow leading to privilege escalation.
incubator-pagespeed-ngx - Automatic PageSpeed optimization module for Nginx
rtorrent - rTorrent BitTorrent client
qwinff - A Qt4/5 GUI Frontend for FFmpeg
tcpflow - TCP/IP packet demultiplexer. Download from:
SysExec - [Windows] Local Privilege Escalation - WebClient
token-priv - Token Privilege Research
notepad2-mod - LOOKING FOR DEVELOPERS - Notepad2-mod, a Notepad2 fork, a fast and light-weight Notepad-like text editor with syntax highlighting
udp2raw-tunnel - A Tunnel which Turns UDP Traffic into Encrypted UDP/FakeTCP/ICMP Traffic by using Raw Socket,helps you Bypass UDP FireWalls(or Unstable UDP Environment)
ssf - Secure Socket Funneling - Network tool and toolkit - TCP and UDP port forwarding, SOCKS proxy, remote shell, standalone and cross platform
pipesocks - A pipe-like SOCKS5 tunnel system.
extractTVpasswords - tool to extract passwords from TeamViewer memory using Frida
twister-core - twister core / daemon
mini-tor - proof-of-concept implementation of tor protocol using Microsoft CNG/CryptoAPI
Beagle_SDR_GPS - KiwiSDR: BeagleBone web-accessible shortwave receiver and software-defined GPS
i2pd - 🛡 I2P: End-to-End encrypted and anonymous Internet
hexed - Windows console-based hex editor
fastnetmon - FastNetMon community - very fast DDoS analyzer with sflow/netflow/mirror support
CodingInterviews - 剑指Offer——名企面试官精讲典型编程题
Stacer - Linux System Optimizer and Monitoring - https://oguzhaninan.github.io/Stacer-Web
HackSysDriverExploits -
psi - XMPP client
librime - Rime Input Method Engine, the core library
Pcap_DNSProxy - Pcap_DNSProxy, a local DNS server based on packet capturing
AV_Kernel_Vulns - Pocs for Antivirus Software‘s Kernel Vulnerabilities
captcha-break - captcha break based on opencv2, tesseract-ocr and some machine learning algorithm.
From-System-authority-to-Medium-authority - Penetration test
ModSecurity - ModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache, IIS and Nginx that is developed by Trustwave's SpiderLabs. It has a robust event-based programming language which provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analysis. With over 10,000 deployments world-wide, ModSecurity is the most widely deployed WAF in existence.
InjectProc - InjectProc - Process Injection Techniques [This project is not maintained anymore]
gargoyle - A memory scanning evasion technique
CascLib - An open-source implementation of library for reading CASC storage from Blizzard games since 2014
HElib - An Implementation of homomorphic encryption
wannakey - Wannacry in-memory key recovery
rocksutil - A c++ develop toolkit
security-research-pocs - Proof-of-concept codes created as part of security research done by Google Security Team.
libfuzzer-workshop - Repository for materials of "Modern fuzzing of C/C++ Projects" workshop.
ARMv6m_Simulator - Simple Simulator of ARMv6m instructions
hidviz - A tool for in-depth analysis of USB HID devices communication
x64dbg - An open-source x64/x32 debugger for windows.
HookCase - Tool for reverse engineering macOS/OS X
poc-exp - poc or exp of android vulnerability
ShellcodeStdio - An extensible framework for easily writing compiler optimized position independent x86 / x64 shellcode for windows platforms.
OPCDE - OPCDE Cybersecurity Conference Materials
Richkware - Framework for building Windows malware, written in C++
network_backdoor_scanner - This is a backdoor about discover network device ,and it can hidden reverse connecting the hacker's server with encrypt commuication 后渗透后门程序,适合在已经攻陷的内网中做下一步的网络信息扫描..
InfectPE - InfectPE - Inject custom code into PE file [This project is not maintained anymore]
snippets - Various code snippets and small PoCs, to be used for tests or as ready-made skeletons.
SISE_Traning_CTF_RE - SNST Traning RE Project .华软网络安全小组逆向工程训练营,尝试以CTF 的形式来使大家可以动手训练快速提升自己的逆向工程水平.CTF 的训练程序又浅到深,没有使用太复杂的算法,在逆向的过程中遇到的难关都是在分析病毒和破解中遇到的实际情况,注重于实用.训练营还包含有源代码文件,训练程序和思路.希望可以帮助小伙伴们入门逆向工程这个神奇的世界..
pe_recovery_tools - Helper tools for recovering dumped PE files
CNTK - Microsoft Cognitive Toolkit (CNTK), an open source deep-learning toolkit
PiAUISuite - Raspberry PI AUI Suite
iaito - This project has been moved to:
koalaOS - Microkernel KoalaOS source code
RpcView - RpcView is a free tool to explore and decompile Microsoft RPC interfaces
RedisStudio - RedisStudio Redis GUI client(tool) for windows
fastText.py - A Python interface for Facebook fastText
simhash - 中文文档simhash值计算

CSS

Django-XSS-Platform -
SocialFish - Educational Phishing Tool & Information Collector
orangescan - 在线子域名信息收集工具
Mojave-gtk-theme - Mojave is a macos Mojave like theme for GTK 3, GTK 2 and Gnome-Shell
using-docker-kubernetes-for-automating-appsec-and-osint-workflows - Repository for all the workshop content delivered at nullcon X on 1st of March 2019
w12scan - 🚀 A simple asset discovery engine for cybersecurity. (网络资产发现引擎)
document-library - jsliang 的文档库. 里面包含了个人撰写的所有前端文章，例如 Vue、React,、ECharts、微信小程序等……
RedELK - Red Team's SIEM - easy deployable tool for Red Teams used for tracking and alarming about Blue Team activities as well as better usability in long term operations.
hugo-theme-even - 🚀 A super concise theme for Hugo https://blog.olowolo.com/example-site/
WebRange - 一个Web版的docker管理程序，可以用来运行各种docker漏洞环境和CTF环境。
pySecurity - Python tutorials
tongleer_for_wordpress - tongleer_for_wordpress是一个Wordpress版本的WeiboForWordPress微博主题，又名TleWeiboForWordPress。
smartping - 综合性网络质量(PING)检测工具，支持正/反向PING绘图、互PING拓扑绘图与报警、全国PING延迟地图与在线检测工具等功能
w11scan - 分布式WEB指纹识别平台 Distributed WEB fingerprint identification platform
ZVulDrill - Web漏洞演练平台
tintedarc - An XFCE custom arc and tint2 auto-themer, voila you have yourself a nice theme
CloudFlarePartner - CloudFlare partner website with python and flask
vimix-gtk-themes - Vimix is a flat Material Design theme for GTK 3, GTK 2 and Gnome-Shell etc.
ProgrammingFonts - This is a collection of programming fonts,just share this with the programmers.Now there are 33 kinds of fantastic fonts!
V2ray.Fun - 正在开发的全新 V2ray.Fun
hashview - A web front-end for password cracking and analytics
hangzhou_house_knowledge - 2017年买房经历总结出来的买房购房知识分享给大家，希望对大家有所帮助。买房不易，且买且珍惜。Sharing the knowledge of buy an own house that according to the experience at hangzhou in 2017 to all the people. It's not easy to buy a own house, so I hope that it would be useful to everyone.
CrookedStyleSheets - Webpage tracking only using CSS (and no JS)
SwitchHosts - Switch hosts quickly!
kotlin-reference-chinese - Kotlin 官方文档（参考部分）中文版
wildfire - 🔥From a little spark may burst a flame.
dvna - Damn Vulnerable NodeJS Application
Apaxy - A simple, customisable theme for your Apache directory listing.
transmission-web-control - Transmission Web Control is a custom web UI. The project began in Google Code.
blog - my super blog lite -- just one page. use vue with github api !
hugo-theme-even - 🚀 A super concise theme for Hugo https://blog.olowolo.com/example-site/
my-mac-os - List of applications and tools that make my macOS experience even more amazing
QQ-Groups-Spider - QQ Groups Spider（QQ 群爬虫）
star-history - The missing star history graph of github repos
justdelete.me - A directory of direct links to delete your account from web services.
diy-online-privacy-starter - Chayn's Do It Yourself Online Safety guide helps women keep their online accounts and social profiles secure against harassment, and stalkers. This guide is open source.
Arukas-API - Arukas API 自动获取IP和端口，SSR服务器订阅，Arukas 监测启动
Farbox-NexT - A hexo theme NexT for Farbox.
gitbook-use - 记录GitBook的一些配置及插件信息
cssicon - icon set made with pure css code, no dependencies, "grab and go" icons
tmt-workflow - A web developer workflow used by WeChat team based on Gulp, with cross-platform supported and solutions prepared.
pd3 - 基于D3 v4+进行二次封装及扩展。示例来源于日常项目及客户提出的需求，转化成数据可视化。
hbase-manager - 可视化hbase数据库

CoffeeScript

chinese-copywriting-guidelines - Chinese copywriting guidelines for better written communication／中文文案排版指北

Dockerfile

rapidscan-docker - Docker image of rapidscan
docker-nps -
CVE-2019-6467 - CVE-2019-6467 (BIND nxdomain-redirect)
centos-tomcat - Docker CentOs 7 + Java 8 + Tomcat 8
Awesome-TTRSS - 🐋 Awesome TTRSS, a powerful Dockerised all-in-one RSS solution.
lnmp - 💻 🐳 🐘 🐬 🐧 🚀 Start Docker LNMP(LEMP) In less than 2 minutes Powered by Docker Compose. 让 PHP 开发者快速（一键）搭建基于容器技术（Docker、Kubernetes）的开发、测试、生产（CI/CD）环境.
docker-transmission -
rtorrent-rutorrent - Docker container with supervisor/rtorrent/nginx/ruTorrent 64/32 bit
docker-vulnerability-environment - Use the docker to build a vulnerability environment
docker-cobaltstrike -
kms-server - a docker image for kms
docker-hacklab - My personal hacklab, create your own.
openvas-docker - A Docker container for Openvas
ThreatHunter-Playbook - A Threat hunter's playbook to aid the development of techniques and hypothesis for hunting campaigns.

Emacs Lisp

configure - My dot files for Emacs, Openbox, XMonad, VIM, Golang, Zsh/Bash, tmux, URXVT, ArchLinux, Git, Ruby/Rails, Xbindkey, Vrome...

Erlang

scannerl - The modular distributed fingerprinting engine

Game Maker Language

pgdoc-cn - PostgreSQL manual Chinese translation by China PostgreSQL Users Group

Go

mlog - 基于Golang的社区系统。
build-web-application-with-golang - A golang ebook intro how to build a web with golang
mixin-network-snapshot-golang - crypto currency gateway plugin for web store
nps - 一款轻量级、功能强大的内网穿透代理服务器。支持tcp、udp流量转发，支持内网http代理、内网socks5代理，同时支持snappy压缩、站点保护、加密传输、多路复用、header修改等。支持web图形化管理，集成多用户模式。
zinx - 基于Golang轻量级TCP并发服务器框架
lemonade - Lemonade is a remote utility tool. (copy, paste and open browser) over TCP.
win10-secure-baseline-gpo - Windows 10 and Server 2016 Secure Baseline Group Policy
mr2 - Expose local server to external network
Finder - 一款Go语言实现的端口扫描器.
goSkylar - 基于Golang开发的企业级外网端口资产扫描
arpZebra - ARP+DNS欺骗工具，网络安全第三次实验，课堂演示用，严禁非法用途。ARPSpoof，wifi hijack，dns spoof
k3os - Purpose built OS for Kubernetes, fully managed by Kubernetes.
termshark - A terminal UI for tshark, inspired by Wireshark
vscan-go - golang version for nmap service and application version detection (without nmap installation)
ffuf - Fast web fuzzer written in Go
CapOS - 等级保护测评windows工具源码
x-crack - x-crack - Weak password scanner, Support: FTP/SSH/SNMP/SSQL/MYSQL/PostGreSQL/REDIS/ElasticSearch/MONGODB
dnstunnel - dns tunnel backdoor DNS隧道后门
vuls - Agent-less vulnerability scanner for Linux, FreeBSD, Container Image, Running Container, WordPress, Programming language libraries, Network devices
pathbrute - Pathbrute
whatweb - 更快速的进行Web应用指纹识别
goWhatweb - [学习GO] go语言写的web指纹识别 - Identify websites by go language
livego - 纯 Go 写的直播服务器
Go42 - 《Go语言四十二章经》详细讲述Go语言规范与语法细节及开发中常见的误区，通过研读标准库等经典代码设计模式，启发读者深刻理解Go语言的核心思维，进入Go语言开发的更高阶段。
meshbird - Distributed private networking
dnsbrute - a fast domain brute tool
goscan - Interactive Network Scanner
RedisShake - Redis-shake is a tool for synchronizing data between two redis databases. Redis-shake是一个用于在两个redis之间同步数据的工具
gsm - 使用树莓派配合硬件来进行短信转发
Platypus - 🔨 A modern multiple reverse shell sessions manager written in go
goscan - golang的扫描框架, 支持协程池和自动调节协程个数.
coyim - coyim - a safe and secure chat client
awesome-go-zh - 📚 Go资源精选中文版(含中文图书大全)
gosec - Golang security checker
nps - 一款轻量级、功能强大的内网穿透代理服务器。支持tcp、udp流量转发，支持内网http代理、内网socks5代理，同时支持snappy压缩、站点保护、加密传输、多路复用、header修改等。支持web图形化管理，集成多用户模式。
kunpeng - kunpeng是一个Golang编写的开源POC框架/库，以动态链接库的形式提供各种语言调用，通过此项目可快速开发漏洞检测类的系统。
cmus-lyric - cmus lyric viewer
webtty - Share a terminal session over WebRTC
auxpi - 🍭 集合多家 API 的新一代图床
plik - Plik is a scalable & friendly temporary file upload system ( wetransfer like ) in golang.
goDoH - 🕳godoh - A DNS-over-HTTPS C2
fac - Easy-to-use CUI for fixing git conflicts
gogs - Gogs is a painless self-hosted Git service.
jiacrontab - 提供web界面的任务调度工具
Blind-SQL-Injector - 手工盲注辅助注入工具
docker_ssh_honeypot - 安全开发教学 - 用Docker制作一个高交互ssh蜜罐
lazygit - simple terminal UI for git commands
gitea - Git with a cup of tea, painless self-hosted git service
shuttle - A web proxy in Golang with amazing features.
dnsutil - dns dig for golang
DocHub - 参考百度文库，使用Beego（Golang）开发的开源文库系统
godns - A dynamic DNS client tool, supports AliDNS, Cloudflare, Google Domains, DNSPod & HE.net, written in Go.
tcping - ping over a tcp connection
subcommands - Go subcommand library.
torsniff - torsniff - a sniffer that sniffs torrents from BitTorrent network
merge-nmap-masscan - Merge results from NMAP and Masscan into one CSV file
BAT_Check_DomainName -
usql - Universal command-line interface for SQL databases
PortScan - 端口扫描器
miniflux - Minimalist and opinionated feed reader
DNSSniffer - DNSQuery Sniffer in Golang
go-onion-transport - Tor onion transport for IPFS
goproxy - Proxy is a high performance HTTP(S), websocket,TCP, UDP,Secure DNS,Socks5 proxy server .Chain-style proxies,nat forwarding in different lan,TCP/UDP port forwarding, SSH forwarding ,ipv4 and ipv6 supporting .Proxy是golang实现的高性能http,https,websocket,tcp,防污染DNS,socks5代理服务器,支持内网穿透,链式代理,通讯加密,智能HTTP,SOCKS5代理,前置CDN,域名黑白名单,跨平台,KCP协议支持,支持ipv4和ipv6,集成外部API。
overture - A customized DNS forwarder written in Go
gosu - Simple Go-based setuid+setgid+setgroups+exec
telegramd - Unofficial open source telegram server written in golang
subfinder - SubFinder is a subdomain discovery tool that discovers valid subdomains for websites. Designed as a passive framework to be useful for bug bounties and safe for penetration testing.
qr-filetransfer - ⚡ Transfer files over wifi from your computer to your mobile device by scanning a QR code without leaving the terminal.
rfd-checker - RFD Checker - security CLI tool to test Reflected File Download issues
duplicacy - A new generation cloud backup tool
DockerXScan - DockerXScan——Docker镜像漏洞扫描器
CHAOS - 🔥 CHAOS is a PoC that allow generate payloads and control remote operating systems.
cointop - The fastest and most interactive terminal based UI application for tracking cryptocurrencies
godht -
shadowsocks-go - go port of shadowsocks (Deprecated)
idgen - 一个使用 golang 编写的大陆身份证生成器
GoQuiet - A Shadowsocks obfuscation plugin utilising domain fronting to evade deep packet inspection
subjack - Subdomain Takeover tool written in Go
lightsocks - ⚡️一个轻巧的网络混淆代理🌏
ElasticHD - Elasticsearch 可视化DashBoard, 支持Es监控、实时搜索，Index template快捷替换修改，索引列表信息查看， SQL converts to DSL等
gitleaks - Audit git repos for secrets 🔑
SubOver - A Powerful Subdomain Takeover Tool
x-patrol - github泄露扫描系统
gost - GO Simple Tunnel - a simple tunnel written in golang
apkverifier - APK Signature verification in Go. Supports scheme v1, v2 and v3 and passes Google apksig's testing suite.
goWAPT - Go Web Application Penetration Test
grv - GRV is a terminal interface for viewing git repositories
BaiduPCS-Go - 百度网盘客户端 - Go语言编写
guard - NOT MAINTAINED! A generic high performance circuit breaker & proxy server written in Go
ProxyClient - golang 代理库，和net一致的API。支持 socks4、socks4a、socks5、http、https 等代理协议。
AWS-Scanner - Scans a list of websites for Cloudfront or S3 Buckets
dnscrypt-proxy - dnscrypt-proxy 2 - A flexible DNS proxy, with support for encrypted DNS protocols.
hyperfox - HTTP/HTTPs MITM proxy and traffic recorder with on-the-fly TLS cert generation.
tcptunnel - 将本地内网服务器映射到公网。
ghostunnel - A simple SSL/TLS proxy with mutual authentication for securing non-TLS services
go-http-tunnel - Fast and secure tunnels over HTTP/2
ft - File Transferer
go-ethereum - Official Go implementation of the Ethereum protocol
switcher - 一个多功能的端口转发/端口复用工具，支持转发本地或远程地址的端口，支持正则表达式转发（实现端口复用）。
secureoperator - A DNS-protocol proxy for DNS-over-HTTPS providers, such as Google and Cloudflare
ben - Your benchmark assistant, written in Go.
gOSINT - OSINT Swiss Army Knife
NATBypass - 一款lcx在golang下的实现
xsec-proxy-scanner - xsec-proxy-scanner是一款速度超快、小巧的代理扫描器
ignite - A SS(R) panel for managing multiple users, powered by Go & Docker.
gsnova - Private proxy solution & network troubleshooting tool.
goscan - goscan is a simple and efficient IPv4 network scanner that discovers all active devices on local subnet.
kcpraw - for my own use only
hpkp - golang hpkp client library
subnet - Simple, auditable & elegant VPN, built with TLS mutual authentication and TUN.
goHackTools - Hacker tools on Go (Golang)
rclone - "rsync for cloud storage" - Google Drive, Amazon Drive, S3, Dropbox, Backblaze B2, One Drive, Swift, Hubic, Cloudfiles, Google Cloud Storage, Yandex Files
assh - 💻 make your ssh client smarter
docker-image -
searchscan - Search Nmap and Metasploit scanning scripts.
xsec-ip-database - xsec-ip-database为一个恶意IP和域名库（Malicious ip database）
goflyway - An encrypted HTTP server
fzf - 🌸 A command-line fuzzy finder
kcptun - A Secure Tunnel Based On KCP with N:M Multiplexing
slt - A TLS reverse proxy with SNI multiplexing in Go
frp -
ngrok - Introspected tunnels to localhost
moby - Moby Project - a collaborative project for the container ecosystem to assemble container-based systems
hugo - The world’s fastest framework for building websites.
cloud-torrent - ☁️ Cloud Torrent: a self-hosted remote torrent client
docker_practice - Learn and understand Docker technologies, with real DevOps practice!
kubesec - Secure Secret management for Kubernetes (with gpg, Google Cloud KMS and AWS KMS backends)
xsec-dns-proxy - DNS代理服务器，可以记录log到数据库中
dht - BitTorrent DHT Protocol && DHT Spider.
btcd - An alternative full node bitcoin implementation written in Go (golang)
dnsproxy - 防 DNS 缓存污染，兼顾查询质量与速度
firefly-proxy - A proxy software to help circumventing the Great Firewall.
gscan_quic - Google Quic 扫描工具
fetchserver - phuslu删掉了fetchserver，我重新传一个
glider - glider is a forward proxy with multiple protocols support, and also a dns forwarding server with ipset management features(like dnsmasq).
brook - Brook is a cross-platform(Linux/MacOS/Windows/Android/iOS) proxy/vpn software
awesome-go - A curated list of awesome Go frameworks, libraries and software
caddy - Fast, cross-platform HTTP/2 web server with automatic HTTPS
xray - XRay is a tool for recon, mapping and OSINT gathering from public networks.
flora-kit - 💐 基于 shadowsocks-go 做的完善实现，自动网络分流，完全兼容 Surge 的配置文件。
gh-polls - Polls for user feedback in GitHub issues
WindowsSpyBlocker - 🛡 Block spying and tracking on Windows
dnssearch - A subdomain enumeration tool.
tcpproxy - MOVED TO github.com/google/tcpproxy; OLD: Go package for writing TCP proxies, routing based on HTTP Host headers and SNI server names.
zgrab - DEPRECATED This project has been replaced by https://github.com/zmap/zgrab2
brutemachine - A Go library which main purpose is giving an interface to loop over a dictionary and use those words/lines as input for some custom logic such as HTTP file bruteforcing, DNS bruteforcing, etc.
rqlite - The lightweight, distributed relational database built on SQLite.
aquatone - A Tool for Domain Flyovers
git-all-secrets - A tool to capture all the git secrets by leveraging multiple open source git searching tools
clair - Vulnerability Static Analysis for Containers
tap0901 - Go语言虚拟网卡库，可用于制作对战平台、加速器、防火墙、VPN等
repo-security-scanner - CLI tool that finds secrets accidentally committed to a git repo, eg passwords, private keys
crack_ssh - go写的协程版的ssh\redis\mongodb弱口令破解工具
cronsun - A Distributed, Fault-Tolerant Cron-Style Job System.
fsql - Search through your filesystem with SQL-esque queries.
blockchain_guide - Introduce blockchain related technologies, from theory to practice with bitcoin, ethereum and hyperledger.
node - Mysterium Node - VPN server and client for Mysterium Network
ebreader - 一个让你可以在浏览器中阅读Epub电子书的CLI程序，使用Golang编写
pilosa - Pilosa is an open source, distributed bitmap index that dramatically accelerates queries across multiple, massive data sets.
kr - A dev tool for SSH auth + Git commit/tag signing using a key stored in Krypton.
go-mbf - MongoDB Login Brute Forcer
nvm-windows - A node.js version management utility for Windows. Ironically written in Go.
toxiproxy - ⏰ 🔥 A TCP proxy to simulate network and system conditions for chaos and resiliency testing
xapimanager - XAPI MANAGER -专业实用的开源接口管理平台，为程序开发者提供一个灵活，方便，快捷的API管理工具，让API管理变的更加清晰、明朗。如果你觉得xApi对你有用的话，别忘了给我们点个赞哦^_^ ！
frp - A fast reverse proxy to help you expose a local server behind a NAT or firewall to the internet.
cilium - API Aware Networking and Security using BPF and XDP
linuxkit - A toolkit for building secure, portable and lean operating systems for containers
scope - Monitoring, visualisation & management for Docker & Kubernetes
gdrive - Google Drive CLI Client
dnscontrol - Synchronize your DNS to multiple providers from a simple DSL
ruler - A tool to abuse Exchange services
honeybits - A PoC tool designed to enhance the effectiveness of your traps by spreading breadcrumbs & honeytokens across your systems to lure the attacker toward your honeypots
qshell - qshell是利用七牛文档上公开的API实现的一个方便开发者测试和使用七牛API服务的命令行工具。
geoip - query geo-locations of ips
gitrob - Reconnaissance tool for GitHub organizations
wukong - 高度可定制的全文搜索引擎
beego - beego is an open-source, high-performance web framework for the Go programming language.
kcptun - A Stable & Secure Tunnel Based On KCP with N:M Multiplexing
the-way-to-go_ZH_CN - 《The Way to Go》中文译本，中文正式名《Go 入门指南》
negroni - Idiomatic HTTP Middleware for Golang
kingshard - A high-performance MySQL proxy

HTML

flutter-in-action - 《Flutter实战》电子书
most-frequent-technology-english-words - 程序员工作中常见的英语词汇
hexo-theme-matery - A beautiful hexo blog theme with material design and responsive design.一个基于材料设计和响应式设计而成的全面、美观的Hexo主题。
china-indie-podcasts - 发现与推荐高质量的中文独立播客
HTML5 - HTML5学习、总结、实践
go101 - An online book focusing on Go syntax/semantics.
Real-timeDetectionAD_ver2 -
sec_profile - 爬取secwiki和xuanwu.github.io/sec.today,分析安全信息站点、安全趋势、提取安全工作者账号(twitter,weixin,github等)
mall - ssm小商城
springboot-manage - 基于SpringBoot + Mybatis + Thymeleaf + Redis + MongoDB + MySQL开发的商品管理系统
frida-all-in-one - 《FRIDA操作手册》by @hluwa @r0ysue
live - 完整搭建直播平台实例
xssgun - xss payloads generator
cs_custom_404 - Cobalt strike custom 404 page
BabySploit - 👶 BabySploit Beginner Pentesting Toolkit/Framework Written in Python 🐍
springboot-ssm - springboot整合mybatis(SSM项目整合)
xss-payload-list - 🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List
SecurityMind - 旨在通过分析企业信息安全建设过程中的心路历程，从技术、管理、治理等多个层面了解企业信息安全建设的不同阶段
sec_profile - 安全行业信息趋势分析
springboot-penguin - 🐧基于SpringBoot+Mybatis+Thymeleaf+SemanticUI+Bootstrap的在线考试系统(低仿牛客网)
yan-demo - 本项目是基于 SpringMVC+Spring+MyBatis （SSM）架构的高效率便捷开发框架
ChineseDarkWebCrawler - 中文暗网爬虫
TrackRay - 溯光 (TrackRay) 3 Beta 版插件式渗透测试框架（资产扫描|指纹识别|暴力破解|网页爬虫|端口扫描|漏洞扫描|AWVS|NMAP|Metasploit）
flask_multi_uploader - flask+webuploader实现多文件上传
programthink - for 热心读者
awesome-piracy - A curated list of awesome warez and piracy links
Weak-password - 字典大全 dictionary
zfaka - 免费、安全、稳定、高效的发卡系统，值得拥有!
ctf-wiki - CTF Wiki Online, English version already arrived !!!
Windows-Secure-Host-Baseline - Configuration guidance for implementing the Windows 10 and Windows Server 2016 DoD Secure Host Baseline settings. #nsacyber
proxylist - proxylist, generate by fate0/getproxy project in every 15 minute
awesome-resume - 包含简历常用例句
dvxte - Damn Vulnerable Xebia Training Environment
vulnreport - Open-source pentesting management and automation platform by Salesforce Product Security
pentraining - 一个网络安全基础知识的教程。内容比较杂，好在都是实验视频和工具提供，可以自行动手完成实验。
SQLInjectionWiki - A wiki focusing on aggregating and documenting various SQL injection methods
JavaWiki - 不定期收集与JAVA有关书籍或文章
shiro-example - 跟我学Shiro（我的公众号：kaitao-1234567，我的新书：《亿级流量网站架构核心技术》）
fuzzdb - 一个fuzzdb扩展库
wordpress-vulscan - WordPress vulnerability scanner
linux-explorer - Easy-to-use live forensics toolbox for Linux endpoints
owasp-mstg - The Mobile Security Testing Guide (MSTG) is a comprehensive manual for mobile app security development, testing and reverse engineering.
CV - 🙈《切图仔面试宝典》曾立心想放弃，仍竭力以心献技
HadoopAndSparkDataStudy - 这是一本关于大数据学习记录的手册,主要针对初学者.做为一个老IT工作者,学习是一件很辛苦的事情.希望这本手册对帮助大家快速的学习与认识大数据(特指Hadoop Spark),为了不让初学者一下接触爆炸式的新概念,我们会以实验先行,概念跟进的方式进行课程学习,这样有利于大家快速进入状态,而不至于一直深陷逻辑概念出不来,但是每个人的学习方式不一样,仁者见仁智者见智吧.大家如果有意见请给我发邮件[email protected] — 楚广明
security-txt - A proposed standard that allows websites to define security policies.
quickstart-compliance-pci - AWS Quick Start Team
Campus-FakeAP - 针对校园网的wifi钓鱼工具
Awesome-CTF-Book - Study CTF, study security
WAF-Bypass - WAF Bypass Cheatsheet
js-xss - Sanitize untrusted HTML (to prevent XSS) with a configuration specified by a Whitelist
TranslatorX - JetBrains 系列软件汉化包关键字: Android Studio 3.4 汉化包 CLion 2019.1 汉化包 DataGrip 2019.1 汉化包 GoLand 2019.1 汉化包 IntelliJ IDEA 2019.1 汉化包 PhpStorm 2019.1 汉化包 PyCharm 2019.1 汉化包 RubyMine 2019.1 汉化包 WebStorm 2019.1 汉化包
PyCharm-Chinese - PyCharm Chinese Language Pack（中文语言包）
prism-break - Privacy/security-oriented software recommendations (mirrored from GitLab)
krackattacks -
seedbox-manager - [UNMAINTAINED] Web app for manage your seedbox
docker-armhf-torrentbox - Docker image with nginx + php5-fpm + rtorrent + rutorrent(web ui) started with supervisord
ultimate-torrent-setup - All the files needed for the Ultimate Torrent Setup, featuring Ubuntu, rtorrent, ruTorrent, Sonarr, Radarr.
CVE-2017-7092-PoC - This is the Pwn2Own 2017 Safari backup vul's exploit.
dorm-system - Dorm System
Software-Security-Learning - Software-Security-Learning
Web-Security-Learning - Web-Security-Learning
gosense - A blog web App powered by golang, document at https://gosense.netroby.com the author blog was an example
linuxtools_rst - Linux工具快速教程
bitaddress.org - JavaScript Client-Side Bitcoin Wallet Generator
DIY-Cybersecurity-For-Domestic-Violence - Abuse adapts to technology. You deserve privacy and compassion.
privacytools-zh - privacytool.io -Traditional Chinese version
privacytools.io - 🛡️ encryption against global mass surveillance
wooyun-wiki - wiki.wooyun.org的部分快照网页
skills - Linux、WAF、正则、web安全等一些知识点的总结
Manual -
Music-Downloader - Download any music from web
drek - A static-code-analysis tool for performing security-focused code reviews. It enables an auditor to swiftly map the attack-surface of a large application, with an emphasis on identifying development anti-patterns and footguns.
angryFuzzer - Tools for information gathering
domxsswiki - Automatically exported from code.google.com/p/domxsswiki
ipot - Honeypot Research Blog 蜜罐技术研究小组
debugger-protocol-viewer - DevTools Protocol API docs—its domains, methods, and events
visualize_logs - A Python library and command line tools to provide interactive log visualization.
WamaCry - a fake WannaCry
HTTPLeaks - HTTPLeaks - All possible ways, a website can leak HTTP requests
WooyunDrops - Wooyun知识库，乌云知识库，https://wooyun.kieran.top
fluxion - Fluxion is a remake of linset by vk496 with less bugs and enhanced functionality.
OldMirrorsFrontend - mirrors.zju.edu.cn
Broadlink-RM-SmartThings-Alexa - Control RF and Ir devices using SmartThings and Alexa.
sleepy-puppy - Deprecated please use https://github.com/Netflix/sleepy-puppy
fe - 《我的职业是前端工程师》 - Ebook：I'm a FrontEnd Developer
Sreg - Sreg可对使用者通过输入email、phone、username的返回用户注册的所有互联网护照信息。
1000php - 1000个PHP代码审计案例(2016.7以前乌云公开漏洞)
badssl.com - 🔒 Memorable site for testing clients against bad SSL configs.
portainer - Making Docker management easy.
solid - Solid - Re-decentralizing the web (project directory)
TheHive - TheHive: a Scalable, Open Source and Free Security Incident Response Platform
Anti-Anti-Spider - 越来越多的网站具有反爬虫特性，有的用图片隐藏关键数据，有的使用反人类的验证码，建立反反爬虫的代码仓库，通过与不同特性的网站做斗争（无恶意）提高技术。（欢迎提交难以采集的网站）（因工作原因，项目暂停）
ThreatPinchLookup - Documentation and Sharing Repository for ThreatPinch Lookup Chrome & Firefox Extension
ElvisProjs -
material-blog -
cs231n.github.io - Public facing notes page
elasticsearch-definitive-guide - 欢迎加QQ群：109764489，贡献力量！
d3-v4-whats-new -
WebFundamentals - Best practices for modern web development
learning-react - materials about learning react
500LineorLess_CN - 500 line or less 中文翻译计划。
php_webDataMining - php_webDataMining，PHP网络数据挖掘，第一个应用是爬取并分析和（草）谐（榴）论坛的一个版块数据并作可视化分析
Zhihu_bigdata - 使用scrapy和pandas完成对知乎300w用户的数据分析。首先使用scrapy爬取知乎网的300w，用户资料，最后使用pandas对数据进行过滤，找出想要的知乎大牛，并用图表的形式可视化。

Haskell

FuncShell - Improve your shell by making it functional through Haskell! (An update to Awkward)
real-world-haskell-cn - 《Real World Haskell》中文翻译项目

Java

mall-learning - mall学习教程，架构、业务、技术要点全方位解析。mall项目（16k+star）是一套电商系统，使用现阶段主流技术实现。涵盖了SpringBoot2.1.3、MyBatis3.4.6、Elasticsearch6.2.2、RabbitMQ3.7.15、Redis3.2、Mongodb3.2、Mysql5.7等技术，采用Docker容器化部署。
EasyScheduler - Easy Scheduler is a distributed workflow task scheduling system, which mainly resolve the problem of "complicated task dependencies but cannot directly monitor the health status of tasks". Easy Scheduler assembles tasks in a DAG diagram and can monitor the running status of tasks in real time. Meanwhile, It supports operations such as retry, recovery failure from the specified node, pause and kill tasks.中文描述：Easy Scheduler是一个分布式工作流任务调度系统，主要解决"错综复杂的任务依赖关系，而不能直观监控任务健康状态等问题"。Easy Scheduler以DAG流式的方式将Task组装起来，并可实时监控任务的运行状态，同时支持重试、从指定节点恢复失败、暂停及Kill任务等操作。EasyScheduler由在工作流调度方面工作多年的多位小伙伴研发而成，致力于成为大数据平台的中流砥柱，使调度变得更加容易，更可以从其中文名“易调度”看出我们的初衷，如果你对目前市面上的调度不够满意，非常欢迎使用易调度，欢迎大家加入进来，提出需求，也欢迎贡献代码
FEBS-Shiro - Spring Boot 2.1.3，Shiro1.4.0 & Layui 2.5.4 权限管理系统。预览地址：http://49.234.20.223:8080/login
SpringCloudLearning - 《史上最简单的Spring Cloud教程源码》
authz -
concurrent-programming - 🌵《实战java高并发程序设计》源码整理
JS-Sorting-Algorithm - 一本关于排序算法的 GitBook 在线书籍《十大经典排序算法》，使用 JavaScript & Python & Go & Java 实现。
Java - Java的学习之路，学习JavaEE以及框架时候的一些项目，结合博客和源码，让你受益匪浅，适合Java初学者和刚入门开始学框架者
java-core-learning-example - 关于Java核心技术学习积累的例子，是初学者及核心技术巩固的最佳实践。
Msgs - 短信群发，支持单卡/双卡，发送短信，Excel导入
jeecg-boot - 一款基于代码生成器的JAVA快速开发平台！全新架构前后端分离：SpringBoot 2.x，Ant Design&Vue，Mybatis，Shiro，JWT。强大的代码生成器让前后端代码一键生成，无需写任何代码，绝对是全栈开发福音！！ JeecgBoot的宗旨是提高UI能力的同时,降低前后分离的开发成本，JeecgBoot还独创在线开发模式，No代码概念，一系列在线智能开发：在线配置表单、在线配置报表、在线设计流程等等。
RxJavaLearningMaterial - 这是一份详细的RxJava学习攻略 & 指南
Second-hand-mall - 模仿咸鱼的二手交易商城
Shiro-Action - 基于 Shiro 的权限管理系统，支持 restful url 授权，体验地址 :
java-sec-code - Java common vulnerabilities and fixed code.
vulnerability-assessment-tool - Analyses your Java and Python applications for open-source dependencies with known vulnerabilities, using both static analysis and testing to determine code context and usage for greater accuracy. https://sap.github.io/vulnerability-assessment-tool/
rhizobia_J - JAVA安全SDK及编码规范
Spring-Boot-In-Action - Spring Boot 系列实战合集
javaweb-codereview - javaweb-codereview
jsEncrypter - 一个用于加密传输爆破的Burp Suite插件
answerWeb - 基于SSM在线答题系统
Java_deserialize_vuln_lab - Java 反序列化学习的实验代码 Java_deserialize_vuln_lab
starrtc-android-demo - 🚀starRTC，即时通讯(IM)系统，免费IM系统（含单聊，群聊，聊天室，文件传输），免费一对一视频聊天，VOIP，语音对讲（回音消除），直播连麦，视频直播，RTSP拉流，RTMP推流，webRTC服务端，在线教育，白板，小班课，在线会议，视频会议，视频监控，局域网直连（无需服务器），兼容webRTC, 支持webRTC加速，P2P高清传输，安卓、iOS、web互通，支持门禁对讲，可视对讲，电视盒子，树莓派，海思，全志，任天堂switch，云游戏，OTT设备，物联网平台，C语言自研方案，支持二次开发成类微信，类映客等APP，✨万水千山总是情，来个star行不行✨，更多示例请访问：
SpringAll - 循序渐进，学习Spring Boot、Spring Boot & Shiro、Spring Cloud、Spring Security & Spring Security OAuth2，博客Spring系列源码
Gotrip - 民宿旅游管理系统，SSM框架实现
EStore - 一个基于JavaWeb的网上电子购物城项目，实现展示商品、购买商品、提交订单、持久化保存到数据库等基本功能
hfuu_shop - 原生Jsp和Servlet实现的简单二手物品交易网站 demo => http://veekxt.com/hfuu_shop
MMall_JAVA - 基于SSM框架的前后端分离设计完整仿天猫网站服务器端源码。项目特点：前后端分离，数据库接口设计，架构设计，功能开发，上线运维
SSM-personnel-management-system - 基于SSM的人事管理系统，适合初学者第一个实战项目
LEMarket - 基于Java SSM框架和layui构建的手机商城系统（包含前后台）
S-mall-servlet - 小小商城系统，JavaWEB项目，基于原生Servlet，仿天猫页面，功能齐全
xxshop - (B2C) 基于Java 的SSM的B2C电商网站
Psychological-counseling-system - 心理咨询预约系统Base On SSM
godofwar - GodOfWar - Malicious Java WAR builder with built-in payloads
biubiu - 弹幕视频与直播网站
BurpBounty - Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the active and passive scanner by means of personalized rules through a very intuitive graphical interface.
SSM-Maven-Heima - 这是一个使用SSM(Spring+Springmvc+Mybatis)框架的商城小项目，使用Maven构建项目，以MySQL为数据库系统，Redis的缓存服务器（并不是用的很多）。商城分为后台人员管理界面和前台处理服务器两个方面。实现了登录，邮件注册，redis缓存机制，cookie的历史记录浏览，分页浏览商品，加入购物车，提交订单等等功能。最精彩的是，如果你刚刚学完基础的SSM框架，那么你就可以跟着视频一起完成这个很nice的小工程了。话不多说，让我们进入无尽的学习中吧！（光头不再是梦想:) ）
Liudao - “六道”实时业务风控系统
multimarkdown - 破解 IntelliJ IDEA 的 Markdown Navigator 插件，觉着不错的话可以 Start 一下哟！
Images-to-PDF - An app to convert images to PDF file!
CVE-2018-3252 - CVE-2018-3252-PoC
jboss-_CVE-2017-12149 - CVE-2017-12149 jboss反序列化可回显
javacore - ☕ JavaCore 是对 Java 核心技术的经验总结。
spring-cloud-online-exam - 基于Spring Cloud的在线考试系统
OnlineMall - ⬆️ 基于springboot+thymeleaf+spring data jpa+druid+bootstrap+layui等技术的JavaWeb电商项目(项目包含前后台,分为前台商城系统及后台管理系统。前台商城系统包含首页门户、商品推荐、商品分类、商品搜索、商品展示、商品详情、购物车、订单流程、用户中心、评论(有些bug,当时做得不够好,下一个项目的评论模块比这个好)、模拟支付等模块。后台管理系统包含商品管理、订单管理、用户管理等模块。系统介绍及详细功能点、技术点见项目内文档描述)☀️
maven-scan - java maven项目依赖jar漏洞扫描，指定pom文件扫描
HackBar - HackBar plugin for Burpsuite v1.0
traccar - Traccar GPS Tracking System
XSSBlindInjector - burp插件，实现自动化xss盲打以及xss log
ProjectTree - 新人熟悉项目必备工具！基于AOP开发的一款方法调用链分析框架，简单到只需要一个注解，异步非阻塞，完美嵌入Spring Cloud、Dubbo项目！再也不用担心搞不懂项目！
chunked-coding-converter - Burp suite 分块传输辅助插件
Nessus_to_report - Nessus中文报告自动化脚本
SpringCloudLesson - SpringCloud从入门到精通系列课程
locker - mybatis乐观锁插件,MyBatis Optimistic Locker Plugin
shoppingMall - 使用主流框架组合SSM开发，并引入新技术，全面丰富的一个商城项目
mytwitter - 一个模仿Twitter的Java Web项目（基于原生的Servlet）
APIJSON - 🏆Gitee Most Valuable Project 🚀A JSON Transmission Protocol and an ORM Library for auto providing APIs and Documents.
ghidra - Ghidra is a software reverse engineering (SRE) framework
toBeTopJavaer - To Be Top Javaer - Java工程师成神之路
manong-ssm - 基于SSM框架的Java分布式电商项目
retailscm-biz-suite - 供应链，零售供应链中台系统，集成零售管理, 电子商务, 供应链管理, 财务管理, 车队管理, 仓库管理, 人员管理, 产品管理, 订单管理, 会员管理, 连锁店管理, 加盟管理, 前端React/Ant Design, 后端Java Spring+自有开源框架，全面支持MySQL, PostgreSQL, 全面支持国产数据库南大通用GBase 8s,通过REST接口调用，前后端完全分离。
S-mall-ssm - 小小商城系统，JavaWEB项目，基于SSM，仿天猫页面，功能齐全，实现了自动处理关联查询的通用Mapper、抽象 BaseService 类、注解鉴权、参数注解校验等
xxl-sso - A distributed single-sign-on framework.（分布式单点登录框架XXL-SSO）
vhr - 微人事是一个前后端分离的人力资源管理系统，项目采用SpringBoot+Vue开发。
spring-boot-examples - about learning Spring Boot via examples. Spring Boot 教程、技术栈示例代码，快速简单上手教程。
mybatis-lite - Mybatis - Plugin Free版
JavaEE - 🔥⭐️👍框架(SSM/SSH)学习笔记
t-io - t-io是基于aio(nio2)的网络编程框架，和netty属于同类，但t-io更注重一线开发工程师的感受，提供了大量和业务相关的API。基于t-io来开发IM、TCP私有协议、RPC、游戏服务器端、推送服务、实时监控、物联网、UDP、Socket将会变得空前的简单。
Java - All Algorithms implemented in Java
mall - mall项目是一套电商系统，包括前台商城系统及后台管理系统，基于SpringBoot+MyBatis实现。前台商城系统包含首页门户、商品推荐、商品搜索、商品展示、购物车、订单流程、会员中心、客户服务、帮助中心等模块。后台管理系统包含商品管理、订单管理、会员管理、促销管理、运营管理、内容管理、统计报表、财务管理、权限管理、设置等模块。
miaosha - ⭐⭐⭐⭐秒杀系统设计与实现.互联网工程师进阶与分析🙋🐓
weixin-bot - 使用微信Api实现微信客户端功能（使用Java开发）可用于监控女朋友是否出轨、特别关心钉钉提醒功能
advanced-java - 😮 互联网 Java 工程师进阶知识完全扫盲：涵盖高并发、分布式、高可用、微服务等领域知识，后端同学必看，前端同学也可学习
JrebelBrainsLicenseServerforJava -
MyBatisCodeHelper-Pro-Crack - Crack for Intellij IDEA plugin: MybatisCodeHelperPro.
Java-Web-Security - Java-Web-Security - Sichere Webanwendungen mit Java entwickeln
LeetCodeAnimation - Demonstrate all the questions on LeetCode in the form of animation.（用动画的形式呈现解LeetCode题目的思路）
jndiat - JNDI Attacking Tool
gitstar-ranking - GitHub star ranking for users, organizations and repositories
AES-Killer - Burp plugin to decrypt AES Encrypted traffic of mobile apps on the fly
MyTech - Java的基础总结和学习笔记，包括Java核心技术点和常见知识点。同时提供了Java基础原理的代码实现，供大家实践时参考。已补充JVM和JUC的相关内容，欢迎交流。
java-learning - 旨在打造在线最佳的 Java 学习笔记，含博客讲解和源码实例，包括 Java SE 和 Java Web
JavaGuide - 【Java学习+面试指南】一份涵盖大部分Java程序员所需要掌握的核心知识。
greys-anatomy - Java诊断工具
segmentfault-lessons - Segment Fault 在线讲堂代码工程
HTTPHeadModifer - 一款快速修改HTTP数据包头的Burp Suite插件
redis-manager - Redis 一站式管理平台，支持集群创建、管理、监控、报警
BurpSuite_Pro_v1.7.32 - BurpSuite_Pro_v1.7.32
JCSprout - 👨‍🎓 Java Core Sprout : basic, concurrent, algorithm
BurpSuiteHTTPSmuggler - A Burp Suite extension to help pentesters to bypass WAFs or test their effectiveness using a number of techniques
domain_hunter - A Burp Suite Extender that try to find sub-domain, similar-domain and related-domain of an organization, not only a domain! 利用burp收集整个企业、组织的域名（不仅仅是单个主域名）的插件
knife - A burp extension that add some useful function to Context Menu 添加一些右键菜单让burp用起来更顺畅
Cknife - Cknife
IPAddressQuery - 基于纯真库的ip信息查询服务
IIS-ShortName-Scanner - latest version of scanners for IIS short filename (8.3) disclosure vulnerability
CVE-2018-1270 - Spring messaging STOMP protocol RCE
mongodb-file-server - MongoDB File Server is a file server system based on MongoDB. 基于 MongoDB 的文件服务器。
gdns - A Secure DNS Server (forwarder) based on Google DNS over HTTPS Service
mybatis-generator-gui - mybatis-generator界面工具，让你生成代码更简单更快捷
CS-Notes - 📚 Tech Interview Guide 技术面试必备基础知识、Leetcode 题解、Java、C++、Python、后端面试、操作系统、计算机网络、系统设计
mssql-jdbc - The Microsoft JDBC Driver for SQL Server is a Type 4 JDBC driver that provides database connectivity with SQL Server through the standard JDBC application program interfaces (APIs).
ideaagent - IntelliJ IDEA 辅助工具
MybatisPlugin-Crack-Javassist - Javassist实现的破解IDEA MybatisPlugin修改字节码工具，仅供学习用途。
lombok-intellij-plugin - Lombok Plugin for IntelliJ IDEA
PhrackCTF-Platform-Team - CTF platfrom(Team Version) developed by Jarvis from Phrack Team. 做一个功能最全的CTF平台。
javaide - Code editor, java auto complete, java compiler, aapt, dx, zipsigner for Android
PyCmd - python+php+jsp WebShell（一句话木马）
TLS-Scanner - The TLS-Scanner Module from TLS-Attacker
Oracle-WebLogic-CVE-2017-10271 - WebLogic Wls-wsat XMLDecoder 反序列化
Recaf - A modern Java bytecode editor
proxyee-down - http下载工具，基于http代理，支持多连接分块下载
CobaltStrike_Hanization - CobaltStrike 2.5中文汉化版
ANRManager - ANR collector which can collect ANR information（收集ANR相关信息的工具类）
SecQuanCknife - SecQuanCknife
PhrackCTF-Platform-Personal - CTF platfrom developed by Jarvis from Phrack Team. 做一个功能最全的CTF平台。
POC-Collect - 各种开源CMS 各种版本的漏洞以及EXP 该项目将不断更新
VirtualLocation - 利用Hook技术对APP进行虚拟定位，可修改微信、QQ、以及一些打卡APP等软件，随意切换手机所处位置！
from-java-to-kotlin - From Java To Kotlin - Your Cheat Sheet For Java To Kotlin
MemoryMonitor - Memory clean, pss monitor tool, for developer
dexknife-wj - apk加固插件带签名校验、dex加密、资源混淆
haven - Haven is for people who need a way to protect their personal spaces and possessions without compromising their own privacy, through an Android app and on-device sensors
zrlog - ZrLog是使用 Java 开发的博客/CMS程序，具有简约，易用，组件化，内存占用低等特点。自带 Markdown 编辑器，让更多的精力放在写作上，而不是花费大量时间在学习程序的使用上。
S2-055-PoC - S2-055的环境，基于rest-show-case改造
BurpUnlimitedre - This project !replace! BurpUnlimited of depend (BurpSutie version 1.7.27). It is NOT intended to replace them!
study-struts2-s2-054_055-jackson-cve-2017-7525_cve-2017-15095 - Struts2の脆弱性S2-045, S2-055 および Jackson の脆弱性 CVE-2017-7525, CVE-2017-15095 の調査報告
probe-android - OONI Probe Android
lanproxy - lanproxy是一个将局域网个人电脑、服务器代理到公网的内网穿透工具，目前仅支持tcp流量转发，可支持任何tcp上层协议（访问内网网站、本地支付接口调试、ssh访问、远程桌面...）。目前市面上提供类似服务的有花生壳、TeamView、GoToMyCloud等等，但要使用第三方的公网服务器就必须为第三方付费，并且这些服务都有各种各样的限制，此外，由于数据包会流经第三方，因此对数据安全也是一大隐患。
OpenRefine - OpenRefine is a free, open source power tool for working with messy data and improving it
BurpUnlimited - This project EXTENDS BurpLoader's license. It is NOT intended to replace BurpLoader.
burp-molly-scanner - Turn your Burp suite into headless active web application vulnerability scanner
sAINT - 👁️ (s)AINT is a Spyware Generator for Windows systems written in Java.
CVE-2017-12149 - CVE-2017-12149 JBOSS as 6.X反序列化(反弹shell版)
Tomcat_weak_password_scan - Tomcat弱口令扫描器
ksql - KSQL - the Streaming SQL Engine for Apache Kafka
BaRMIe - Java RMI enumeration and attack tool.
NSTProxy - 一款存储HTTP请求入库的burpsuite插件
dragonite-java - A reliable application level data transport protocol based on UDP, highly optimized for lossy & unstable networks. (Java version)
p3c - Alibaba Java Coding Guidelines pmd implements and IDE plugin
burp-vulners-scanner - Vulnerability scanner based on vulners.com search API
waf - 🚦Web Application Firewall or API Gateway(应用防火墙/API网关)
NMapGUI - Advanced Graphical User Interface for NMap
xtunnel - An useful TCP/SSL tunnel utility.
blog - SpringBoot + Mybatis + thymeleaf 搭建的个人博客 http://www.54tianzhisheng.cn/
spring-boot-projects - 该仓库中主要是 Spring Boot 的入门学习教程以及一些常用的 Spring Boot 实战项目教程，包括 Spring Boot 使用的各种示例代码，同时也包括一些实战项目的项目源码和效果展示，实战项目包括基本的 web 开发以及目前大家普遍使用的前后端分离实践项目等，摆脱各种 hello world 入门案例的束缚，真正的掌握 Spring Boot 开发。
ActivityHijacker - Hijack and AntiHijack for Android activity.
tourist-lovers-sns - 基于SpringBoot的旅游爱好者社交网站:train:
jsp -
bypasswaf - Add headers to all Burp requests to bypass some WAF products
sqlmap4burp - sqlmap embed in burpsuite
burp-paramalyzer - Paramalyzer - Burp extension for parameter analysis of large-scale web application penetration tests.
SuperSerial-Active - SuperSerial-Active - Java Deserialization Vulnerability Active Identification Burp Extender
PHPUnserializeCheck - PHP Unserialize Check - Burp Scanner Extension
BurpCRLFPlugin - Another plugin for CRLF vulnerability detection
ShakaApktool - ShakaApktool
JKS-private-key-cracker-hashcat - Nail in the JKS coffin - Cracking passwords of private key entries in a JKS file
J2EEScan - J2EEScan is a plugin for Burp Suite Proxy. The goal of this plugin is to improve the test coverage during web application penetration tests on J2EE applications.
JavaRansomware - Simple Ransomware Tool in Pure Java
csp-auditor - Burp and ZAP plugin to analyse Content-Security-Policy headers or generate template CSP configuration from crawling a Website
xssValidator - This is a burp intruder extender that is designed for automation and validation of XSS vulnerabilities.
psychoPATH - psychoPATH - an advanced path traversal tool. Features: evasive techniques, dynamic web root list generation, output encoding, site map-searching payload generator, LFI mode, nix & windows support, single byte generator, payload export.
marshalsec -
Burp-Hunter - XSS Hunter Burp Plugin
whois - RIPE Database whois code repository
security - Happy Hacker
EquationExploit - Eternalblue Doublepulsar exploit
tomcat-maven -
WebLogicPasswordDecryptor - PowerShell script and Java code to decrypt WebLogic passwords
jackhammer - Jackhammer - One Security vulnerability assessment/management tool to solve all the security team problems.
hack_sjtu_2017 -
Wsdler - WSDL Parser extension for Burp
Java-Deserialization-Scanner - All-in-one plugin for Burp Suite for the detection and the exploitation of Java deserialization vulnerabilities
RxHttpUtils - Rxjava+Retrofit封装，便捷使用
browserprint - An open-source browser fingerprinting suite.
hack-android - Collection tools for hack android, java
ysoserial - A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
fastjson-remote-code-execute-poc - fastjson remote code execute poc 直接用intellij IDEA打开即可首先编译得到Test.class，然后运行Poc.java
itchat4j - itchat4j -- 用Java扩展个人微信号的能力
Halcyon - First IDE for Nmap Script (NSE) Development.
ApkToolPlus - ApkToolPlus 是一个 apk 逆向分析工具（a apk analysis tools）。
SerialKiller - Look-Ahead Java Deserialization Library
binnavi - BinNavi is a binary analysis IDE that allows to inspect, navigate, edit and annotate control flow graphs and call graphs of disassembled code.
android-vts - Android Vulnerability Test Suite - In the spirit of open data collection, and with the help of the community, let's take a pulse on the state of Android security. NowSecure presents an on-device app to test for recent device vulnerabilities.
burplist -
backslash-powered-scanner - Finds unknown classes of injection vulnerabilities
netty-in-action-cn - Netty In Action 中文版
android-tips-tricks - ☑️ [Cheatsheet] Tips and tricks for Android Development
zhihuWebSpider - https://github.com/QiuMing/zhihuWebSpider.git
zaproxy - The OWASP ZAP core project
ip2region - Ip2region is a offline IP location library with accuracy rate of 99.9% and 0.0x millseconds searching performance. DB file is less then 5Mb with all ip address stored. binding for Java,PHP,C,Python,Nodejs,Golang,C#,lua. Binary,B-tree,Memory searching algorithm
shelling - SHELLING - a comprehensive OS command injection payload generator
disconf - Distributed Configuration Management Platform(分布式配置管理平台)
moco - Easy Setup Stub Server
DanmakuFlameMaster - Android开源弹幕引擎·烈焰弹幕使～
AndroidUtilCode - 🔥 Android developers should collect the following utils(updating).
GitClub - An elegent Android Client for Github. 不仅仅是Github客户端，而且是一个发现优秀Github开源项目的app
rocketmq - Mirror of Apache RocketMQ
preWork - 陈炯栩SRP-专利联机分析挖掘可视化系统，所需要的预备性工作，包括获取专利文件、数据库的建立、索引等等
StockData2Hbase - 股票交易数据处理的整个业务流程数据源--->数据采集--->数据归类--->数据储存--->数据分析--->数据可视化
VisualSocialNetwork - 用图状数据结构表达社交网络中实体、边的关系，以 web 应用形式可视化展示。
bigtable-sql - 分布式大数据SQL查询可视化界面！
Burp-Non-HTTP-Extension - Non-HTTP Protocol Extension (NoPE) Proxy and DNS for Burp Suite.

JavaScript

Wappalyzer - Cross-platform utility that uncovers the technologies used on websites.
CoCoMusic - a simple music player built by electron and vue
solr-sgk - 大数据社工裤 demo
boot-chat - 🔖 基于SpringBoot + WebSocket的在线聊天系统，实现单窗口消息推送、群消息推送、上线提醒、Redis会话消息储存
MCSManager - 轻量级，多实例与虚拟化功能的 Minecraft 服务端管理面板
webug4.0 - webug4.0
Thief-Book - 一款真正的跨平台摸鱼神器
tget - tget is wget for torrents
steam-key - Online activation tool for Steam.
itranswarp - Full-featured CMS including blog, wiki, discussion, etc. powered by SpringBoot.
Kiddy - 被动式扫描器
lxhToolHTTPDecrypt - HTTPDecrypt for Android Penetration Test
ant - 实时上线的 XSS 盲打平台
showdown - A bidirectional Markdown to HTML to Markdown converter written in Javascript
tool - 开发效率提升：Mac生产力工具链推荐
wechat-format - 微信公众号排版编辑器，转换 Markdown 到微信特制的 HTML
as_plugin_godofhacker - 黑客神器，谁用谁知道！
starrtc-edu-demo - web版本在线教育与白板演示示例，更多示例请参见：
linux_rat - LINUX集群控制(LINUX反弹式远控) LINUX反向链接运维 BY:QQ:879301117
confluence2k - 📋:outbox_tray:Export HTML from confluence with nice style
UnblockNeteaseMusic - Revive unavailable songs for Netease Cloud Music
vsc-netease-music - UNOFFICIAL Netease Music extension for Visual Studio Code
html5-dash-hls-rtmp - 🌻 HTML5播放器、M3U8直播/点播、RTMP直播、低延迟、推流/播流地址鉴权
LiveRoomDemo_Client - 自己动手打造一个属于自己的直播间（视频直播、聊天室、弹幕、多端适配）
LiveRoomDemo_Server - 自己动手打造一个属于自己的直播间（视频直播、聊天室、弹幕、多端适配）
reflv - react component wrap flv.js
archerysec - Centralize Vulnerability Assessment and Management for DevSecOps Team
Security-Baseline - Linux安全基线扫描、报告生成与自动修复程序
CVE-2019-5786 - FileReader Exploit
AwesomeXSS - Awesome XSS stuff
bilibili-helper - 哔哩哔哩 (bilibili.com) 辅助工具，可以替换播放器、去广告、推送通知并进行一些快捷操作
Front-End-Checklist - 🗂 The perfect Front-End Checklist for modern websites and meticulous developers
front-end-collect - 分享自己长期关注的前端开发相关的优秀网站、博客、以及活跃开发者
new-project-checklist - 🥳🥳🥳🥳 a checklist & tool for new project setup for developer. 新项目检查清单及其工具。
Lengyue-Vcode - 各种滑动验证码识别 [腾讯云] [易盾] [Vaptcha] [Geetest] [极验] 各种网站破解
Motrix - A full-featured download manager.
lysec - 一个基于docker的安全培训系统
PoCBox - PoCBox - 赏金猎人的脆弱性测试辅助平台（破300star写重构版本，400star免费线上版本开放）
d2-admin - 🌈 An elegant dashboard
Empire-GUI - Empire client application
cbdyzj.github.io - jianzhao.org
GoogleHackingTool - 在线Google Hacking 小工具
blog-html-to-pdf - [Fun] A sample program to convert blog website to merged pdf.
Github-Monitor - Github Sensitive Information Leakage Monitor(Github信息泄漏监控系统)
edex-ui - A cross-platform, customizable science fiction terminal emulator with advanced monitoring & touchscreen support.
pdf-sync - PDF Reader in JavaScript with Sync
note - 萌音云笔记 - 一个高效的在线云笔记、专注技术文档在线创作、阅读、分享和托管
33-js-concepts - 📜 每个 JavaScript 工程师都应懂的33个概念 @leonardomso
webpack-demos - 📦 Demos && Courses for Webpack 4
zresume - 程序员简历生成器（可导出静态页面、支持密码验证访问）
bookmarks-2-markdown - A Chrome extension for exporting bookmarks as markdown
taotao - IDEA版本淘淘商城
amWiki - amWiki 是一款由 JS 开发、依赖 Atom 或 Nodejs-Npm 的 Markdown 轻量级前端化开源文库系统
DisqusJS - 💬 Alternative Disqus - Render comments with Disqus API
MKOnlineMusicPlayer - ⛔（停止维护）孟坤在线音乐播放器，基于 Meting
yun-playlist-downloader - 网易云音乐 - 歌单/专辑 - 下载器
find-subdomains - Abusing Certificate Transparency logs for getting HTTPS websites subdomains. （通过 HTTPS 证书透明日志，以 非字典爆破 的方式获取网站子域名。）
HackMyResume - Generate polished résumés and CVs in HTML, Markdown, LaTeX, MS Word, PDF, plain text, JSON, XML, YAML, smoke signal, and carrier pigeon.
bookmark2md - Convert chrome bookmarks to md files and push them to GitHub repository.
translation-spring-mvc-4-documentation - Spring MVC 4.2.4 RELEASE 中文文档完整翻译稿
fullstack-tutorial - 🚀 fullstack tutorial 2019，后台技术栈/架构师之路/全栈开发社区，春招/秋招/校招/面试
gosuv - Deprecated!!! Process managerment writtern by golang, inspired by python-supervisor
hexo-theme-suka - 🎨Modern, powerful and simple theme for Hexo.
hexo-node-admin - A Hexo management tool with UI designed to make it easier for you to compose.
GenShell - AntSword Generate Shell Plugin
proxy-web - proxy-web是用go语言写的，基于snail007/goproxy完成的可视化网页应用
filepizza - 🍕 Peer-to-peer file transfers in your browser
thal - 译文：Puppeteer 与 Chrome Headless —— 从入门到爬虫
pxder - 🖼 Download illusts from pixiv.net P站插画批量下载器
font-spider - Smart webfont compression and format conversion tool
Office-Document-Converter - Office Document Convertor (ODC) is an online convertor for office document which runs as a web service. Its aim is to provide the facility of converting almost all office documents into image which make office documents viewable even without any office suite software installed on your machines.
awesome-web-editor - 🔨 Open source WEB editor summary
SQLInjectionWiki - 一个专注于聚合和记录各种SQL注入方法的wiki
LogonTracer - Investigate malicious Windows logon by visualizing and analyzing Windows event log
A_Scan_Framework - 互联网漏洞管理、资产管理、任务评估系统
cve.wang - bug公开平台
zdir - 使用PHP开发的目录索引系统
WebGoat - WebGoat 8.0
electronic-wechat - 💬 A better WeChat on macOS and Linux. Built with Electron by Zhongyi Tong.
FileChangeMonitor - Continuous monitoring for JavaScript files
github-blog - blog base on Vue.js and Github API
permeate - 一个用于渗透透测试演练的WEB系统,用于提升寻找网站能力,也可以用于web安全教学
Photon - A lightweight multi-threaded downloader based on aria2.
salvia - A minimum-building static blog framework.
Memory - A theme for wordpress.
docker-labs - Docker在线实验室
cfg-explorer - CFG explorer for binaries
cerebro-codelf - ⭐️ 给变量起名的事情上，为你生命省 3s (Save 3 seconds of your life when naming things.)
cerebro - Open-source productivity booster with a brain
FireShodanMap - FireShodanMap is a Realtime map that integrates Firebase, Google Maps and Shodan. A search is carried out using Shodan searching vulnerable devices and they are showed on the map for analysis. All data updated in Firebase are Realtime.
aliyun-oss-deploy - 🙈 一个 nodejs 命令行工具，用于部署静态资源到 aliyun oss，支持代码方式和 CLI 方式！
sdeploy-cli - A light development tool using SCP,SFTP and RSync
blog - 📖基于Github API 的动态博客
forsaken-mail - a self-hosted disposable mail service
forsaken-mail - a self-hosted disposable mail service
RSSHub - 🍰 万物皆可 RSS
RunningCheese-Firefox - A Graceful and Powerful Customized Firefox
Camtd - Chrome multi-threaded download manager extension,based on Aria2 and AriaNg. Chrome多线程下载扩展。
font_compare - Programming font comparison
Sarasa-Gothic - Sarasa Gothic / 更纱黑体 / 更紗黑體 / 更紗ゴシック
oss-browser - OSS Browser 提供类似windows资源管理器功能。用户可以很方便的浏览文件，上传下载文件，支持断点续传等。
baidu-netdisk-downloaderx - ⚡️ 百度网盘不限速下载器 BND，支持 Windows、Mac 和 Linux。
DeerResume - MarkDown在线简历工具，可在线预览、编辑和生成PDF。[此项目已不再维护，建议使用 cv.ftqq.com 替代 ]
marktext - 📝A simple and elegant markdown editor, available for Linux, macOS and Windows.
userguide - Ubuntu 吧用户指南
V2RayGeoKit -
AWVS11.X-Chinese-Version - AWVS11.X汉化包|AWVS11.X-Chinese-Version
sharelist - 快速分享 GoogleDrive OneDrive
multiple-host - 虚拟host解决方案，轻松实现两套host环境
listen1_chrome_extension - one for all free music in china (chrome extension, also works for firefox)
listen1_desktop - one for all free music in china (Windows, Mac, Linux desktop)
KaTeX - Fast math typesetting for the web.
insight - 洞察-宜信集应用系统资产管理、漏洞全生命周期管理、安全知识库管理三位一体的平台。
Yosoro - 🍧Beautiful Markdown NoteBook Desktop App. 🏖
scan_monitor - ip 域名端口扫描服务刺探单机版
WebRTC-Leak - Check if your VPN leaks your IP address via the WebRTC technology
Crash-Course-Computer-Science-Chinese - 💻 计算机速成课 | Crash Course 字幕组 (全40集 2018-5-1 精校完成)
APT_CyberCriminal_Campagin_Collections - APT & CyberCriminal Campaign Collection
PS4-5.01-WebKit-Exploit-PoC - PS4 5.01 WebKit Exploit PoC
Surfingkeys - Map your keys for web surfing, expand your browser with javascript and keyboard.
CIDR-in-Proxifier - 🍵 A script for converting CIDRs list to configuration file segment of Proxifier.
carbon - 🎨 Create and share beautiful images of your source code
reverse-shell - Reverse Shell as a Service
fingerprintjs2 - Modern & flexible browser fingerprinting library
fingerprintjs - Anonymous browser fingerprint
win-powerup-exp-index - 🚄 火车上写的，现在已经基本不能用了
awesome-blockchain-cn - 收集所有区块链(BlockChain)技术开发相关资料，包括Fabric和Ethereum开发资料
rotonde-client - Rotonde Base Client
rotonde-client - Rotonde Base Client
HexoEditor - this markdown Editor for hexo blog
cipm - standalone ci-oriented package installer for npm projects
electron-cn-docs - Electron中文文档! 精心翻译,完美排版,实时同步更新! (本文档未经同意不得传播!) , 最后同步:2017-05-23
sosrp - SOSRP Security 安全平台
ClearScript.Manager - Use tern.js in .netcontext 重构原有代码,require dll js等功能
xmr-miner - Web-based Cryptocurrency miner, built with Vue.js
ieaseMusic - 网易云音乐第三方
blinksocks - A framework for building composable proxy protocol stack.
tools - Some useful tools
gaari-rss - gaari-rss is a twitter bot with rss feeds. 二次元Twitter新闻机器人
Rss2Weibo - 将 rss 流同步到微博. 如 twitter facebook 等
awesome-selfhosted - This is a list of Free Software network services and web applications which can be hosted locally. Selfhosting is the process of locally hosting and managing applications instead of renting from SaaS providers.
pm2 - Node.js Production Process Manager with a built-in Load Balancer.
patchwork - A decentralized messaging and sharing app built on top of Secure Scuttlebutt (SSB).
wsproxy - A websocket proxy
gh-feed - Generate RSS feed from GitHub Issues
Steward - A command launcher for Chrome/Firefox
relationship - Chinese kinship system.**亲戚关系计算器 - 家庭称谓/称呼计算/亲戚关系算法
nba-go - 🏀 💻 The finest NBA CLI.
dnstricker - A simple dns resolver of dns-record and web-record log server for pentesting
QTGate-Desktop-Client - Become a trustworthy ally for the Internet Freedom
Hexo-Theme-Life - Hexo Theme
beaker - Rotonde client with user account combined(deprecated)
ServerStockCheck - 库存检查工具
seedbox-from-scratch - Creating a seedbox on a Linux server
rain - http://rain.mengsky.net
Flarum - Flarum - 优雅自由的PHP轻社区
webtorrent-element - WebTorrent HTML element.
Electorrent - A remote control client for µTorrent, qBittorrent, rTorrent, Transmission, Synology & Deluge
seedbox-from-scratch - Creating a seedbox on a Linux server
QB - QuickBox is much more than a ‘seedbox installer script’, it is a simplistic approach to achieving easy seedbox and services management from a beautifully designed dashboard. Allowing users the ability to interact with their seedbox and server on a professional grade level.
RatXaBox - Auto installation de ruTorrent avec rTorrent. Version "Seedbox-Manager Workflow"
mrseedbox - [unmaintained] A Containerized Seedbox with Embedded Media Player
Rtorrent-LXC - A Docker container with Rtorrent + Rutorrent.
cqc - Code Quality Checker - Check your code quality by running one command.
TeleShellBot - A simple Telegram Bot to run shell commands remotely
awesome-cn-cafe - A curated list of awesome coffee places in China.
BGAIssueBlog - Vue + VueRouter + Vuex + Axios 抓取 GitHub 上的 Issues，结合 GitHub Pages 搭建个人博客站点，支持 GitHub 登录和评论
reblog - A blog system using GitHub Issues, powered by React + Redux.
Dply-Autobuild-Server - Dply.co自动创建服务器
wtfjs - A list of funny and tricky JavaScript examples
js-ipfs - IPFS implementation in JavaScript
hexo-theme-indigo - 这个只是我修改的别人的，大家fork去原项目啊
WeiboImageReverse - Chrome 插件，反查微博图片po主
KCon - KCon is a famous Hacker Con powered by Knownsec Team.
tale - 🦄 Best beautiful java blog, worth a try
SiteScan - A tool help get the basic information of one site
noVNC - VNC client using HTML5 (WebSockets, Canvas)
hugo-rapid-theme - A hugo theme as
rssify - Convert anything to rss feed
iblog - 基于Gracejs及github issues的全功能博客方案，参考：
gitalk - Gitalk is a modern comment component based on Github Issue and Preact.
gtop - System monitoring dashboard for terminal
gattacker - A Node.js package for BLE (Bluetooth Low Energy) security assessment using Man-in-the-Middle and other attacks
GOSINT - The GOSINT framework is a project used for collecting, processing, and exporting high quality indicators of compromise (IOCs).
Cube-In-Electron - A cross-platform web music player in Electron.
Cube - A cross-platform web music player in nw.js
v2ray-config-gen - V2Ray Configuration generator
WebshellManager - w8ay 一句话WEB端管理工具
CMS-of-Blog - deprecated
VRouter - 一个基于 VirtualBox 和 openwrt 构建的项目, 旨在实现 macOS / Windows 平台的透明代理.
Google-IPs - 🇺🇸 Google 全球 IP 地址库
apparatus - A graphical security analysis tool for IoT networks
twister-webkit - webkit package for twister
cryptpad - The Encrypted Collaboration Suite
cryptpad - Unity is Strength - Collaboration is Key - CryptPad is the zero knowledge realtime collaborative editor.
squid-PAC - 利用国外VPS搭建多协议代理服务，squid PAC代理服务器，25端口翻墙 ....墙已加高，https网站已失效，普通站点仍可代理..建议使用ssr替代
awesome-vscode - 🎨 A curated list of delightful VS Code packages and resources.
elasticsearch-rtf - elasticsearch中文发行版，针对中文集成了相关插件，方便新手学习测试.
squid-with-net-speeder - SQUID Proxy with net speed
shadowsocks-over-websocket - 免费使用 Heroku 部署 shadowsocks
auth_proxy - A proxy + UI server for Contiv which handles authentication (local users/LDAP/AD) + authorization (RBAC)
squidproxy - squid 技術部署、客戶端(原創)提供
openwebrx - Open source, multi-user SDR receiver software with a web interface
gateway - WebThings Gateway
beaker - An experimental peer-to-peer Web browser
BaiduExporter - Assistant for Baidu to export download links to aria2/aria2-rpc
borgweb - Web UI for Borg Backup
hound - Lightning fast code searching made easy
twister-react - proxy-based Twister client written with react-js
SRCMS - SRCMS企业应急响应与缺陷管理系统
anyproxy - A fully configurable http/https proxy in NodeJS
NooBoss - NooBoss is an extension that handles your extensions like a boss!
tech-interview-handbook - 💯 Algorithms study materials, behavioral content and tips for rocking your coding interview
link-hijacker - Hijack clicks on and within links, probably for client-side routing
git-visualizer - 👁‍🗨:octocat:Visualizes directory structure of GitHub repos
xssor2 - XSS'OR - Hack with JavaScript.
fanqiang - 翻墙-科学上网
GenPass - 用Vue.js给健忘的女票写的在线密码生成器。
XSS-Radar -
securelogin - This version won't be maintained!
browser-autofill-phishing - A simple demo of phishing by abusing the browser autofill feature
evilwaf - Web Application Firewall (WAF) Detection Tool
eme - Elegant Markdown Editor.
GeistMap - A personal knowledge base/network with a focus on connections
wssip - Application for capturing, modifying and sending custom WebSocket data from client to server and vice versa.
hexo-admin-qiniu - 根据[email protected]进行修改，添加粘贴图片上传至七牛
platformio-atom-ide - PlatformIO IDE for Atom: The next generation integrated development environment for IoT
node.bittrex.api - No longer maintained
Clustered-Single-Value-Map-Visualization - Splunk Custom Visualization
truffle - A tool for developing smart contracts. Crafted with the finest cacaos.
DOMPurify - DOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify works with a secure default, but offers a lot of configurability and hooks. Demo:
git-unsaved - 🔎 Scan your projects directory for dirty git repositories.
How-To-Ask-Questions-The-Smart-Way - 本文原文由知名 Hacker Eric S. Raymond 所撰寫，教你如何正確的提出技術問題並獲得你滿意的答案。
mostly-adequate-guide-chinese - JS 函数式编程指南中文版
sdu-mirror-website - 山大镜像站首页
LinkedServerPwdDumper - SqlServer Linked Password Dumper.
front-end-collect - 分享自己长期关注的前端开发相关的优秀网站、博客、以及活跃开发者
tinytime - ⏰ A straightforward date and time formatter in <1kb
pcap-analyzer - online pcap forensic
DomainFuzz - Domain name permutation engine for detecting typo squatting, phishing and corporate espionage
Formstone - Library of modular front end components.
SResume - 一个简洁的网页简历生成器
codemirror-anywhere - [Greasemonkey] Use CodeMirror editor instead of textarea in anywhere
frida-java - Java runtime interop from Frida
gitment - A comment system based on GitHub Issues.
xpath_tester - Demo
APlayer - 🍭 Wow, such a beautiful HTML5 music player
wheels - 笨办法造轮子
h2gb-ui -
My_CTF_Challenges - 🔥☀️
leanote - Not Just A Notepad! (golang + mongodb) http://leanote.org
OSINT-Framework - OSINT Framework
wooyun-node - wooyun.org
tamperchrome - Tamper Chrome is a Chrome extension that allows you to modify HTTP requests on the fly and aid on web security testing. Tamper Chrome works across all operating systems (including Chrome OS).
ui-for-docker - A web interface for Docker, formerly known as DockerUI. This repo is not maintained
electron-anyproxy - 📢 A http/https proxy client, using to analyze and mock.
awesome-mac -  Now we have become very big, Different from the original idea. Collect premium software in various categories.
magic-mirror-demo - A ⚡Magic Mirror⚡ powered by a UWP Hosted Web App 🚀
webui-aria2 - The aim for this project is to create the worlds best and hottest interface to interact with aria2. Very simple to use, just download and open index.html in any web browser.
web-scraper-chrome-extension - Web data extraction tool implemented as chrome extension
crackFile - Encrypt binary - Decrypt binary
tcp-over-websockets - Tunnel TCP through WebSockets.
e2email - E2EMail is a simple Chrome application - a Gmail client that exchanges OpenPGP mail.
JianshuSpider - Use Node.js,HighChart,BootStrap,Mongo,Cucumber with Gulp to scrapy information from Jianshu.
Google-IPs - 🇺🇸 Google 全球 IP 地址库
lib-qqwry - 用NodeJS解析纯真IP库(QQwry.dat) 支持IP段查询
keeweb - Free cross-platform password manager compatible with KeePass
gitbook-pdf - PDF Generator for GitBook
PiBox - PiBox is a web control Interface written to control Embedded Board(Raspberry Pi).
github-hans - [废弃] {官方中文马上就来了} GitHub 汉化插件，GitHub 中文化界面。 (GitHub Translation To Chinese)
calibration-box - 图片标定：一个 Fabric 的小插件，可用于标定图片中车辆、人、交通灯标识、区域等。
weapp-ide-crack - 【应用号】IDE + 破解 + Demo
vue-sui-demo - 用vue 和 SUI-Mobile 写了一个移动端demo，用来反馈学习vue的成果（禁用了SUI自带的路由，使用vue-router, vue-resource, webpack）[a web app written by vue & sui-mobile]
How-To-Ask-Questions-The-Smart-Way - Any update requests plz redirect to original --->
WeFlow - A web developer workflow tool by WeChat team based on tmt-workflow, with cross-platform supported and environment ready.
atrament.js - Tiny JS library for beautiful drawing and handwriting on the HTML Canvas.
vue-hackernews-2.0 - HackerNews clone built with Vue 2.0, vue-router & vuex, with server-side rendering
jumpserver - Jumpserver是全球首款完全开源的堡垒机，是符合 4A 的专业运维审计系统。
500lines - 500 Lines or Less
Scrippy - Scrippy is a browser extension that holds sql statements (think clip board) to aid devlopers in the testing of websites for basic code injections.
xsshunter - The XSS Hunter service - a portable version of XSSHunter.com
xss-scanner - Cross-Site Scripting (XSS) scanner. This tool helps to find possible XSS vulnerabilities. Cross platform - macOS, Linux, and Windows.
xsser - xss监控（xss monitor）
back_manager - Paladin是啥？它是一个以JFinal为底层的java基础后台框架。结合了以下第三方组件： Beetl、Druid、Shiro、Ehcache（JFinal自带有工具类）。界面使用的拼图的后台模板，自己做了些优化和更改。最初目的：为了学习jfinal，通过一点点的摸索，把它建立起来了。最终理想：形成一个工作中比较通用的基础后台框架。适用人群刚入门JFinal的同学，可以拿过去做个参考各种大牛，看过、路过，给点指导，求虐求喷部署方式 1、还原数据库文件；在app.properties中修改数据库配置 2、项目导入Eclipse，按照JFinal手册中的方式配置Java Applcation，使用jetty启动项目。 3、默认账号/密码：superadmin/asdasd 交流 QQ群：240452848 欢迎大家前来交流，给予宝贵的建议。希望能在社区的力量下（高人指点、建议；喷子鄙视、虐待）下，逐步完善，让众人受益。现在项目的难度还不是很高，功能、操作、代码都还有很大的提升空间。所以有兴趣的兄弟，可以多多提交Pull Requests。同一个功能，同一个操作，每个人都有自己的解决方案；可以拿出来聊一聊，比一比，哪种更加科学、实用。就当是一场游戏，大家一起打怪，各路神仙，各显神通。让我们一起享受其中的乐趣吧_^ 目前初步已经完成的功能，很多还需要完善、改进基础功能登陆、注销访问页面时，更具ActionKey获取WildcardPermission并进行权限判断开始欢迎使用个人资料修改密码系统系统设置组织机构用户管理角色管理资源管理导航管理开发模型代码模板预览控制器代码模板预览视图代码模板预览为啥要叫它Paladin？ Paladin翻译过来貌似是游侠、圣骑士的意思。感觉这个名字挺酷的，所以它就叫这个吧。
SailsAdmin - 利用nodejs sails框架搭建的权限管理系统和数据可视化界面的B/S
DataVistual - 数字校园项目-大数据可视化平台
weiboDataVis - 新浪微博数据可视化.
The-FlowingData-Guide - 自己整理的《鲜活的数据——数据可视化指南》一书的笔记，还有自己根据书中的讲解，整理出的各章代码。
dataBase-operate - 可视化操作数据库数据
nodejs-nedb-excel - 基于nodejs+webpack,以nosql轻量级嵌入式数据库nedb作为存储，页面渲染采用react+redux,样式框架为ant design,实现了excel表格上传导出以及可视化
log-date-view - 日志数据可视化
csv2dv - 将csv数据转换成可视化所需的数据格式
lagou-spider-data-handle - 拉勾数据处理，echarts数据可视化
Life-Time-Tracker - 个人时间跟踪，可视化个人活动数据，管理个人生活，利用过去来指导未来，基于柳比歇夫的统计方法
medlog - 数据可视化系统，持续迭代，包括前端采集+数据设计+大数据存储+可视化展示几个大块
data-visualization - 数据可视化
Compiler - 哈工大编译原理实验，使用node语言，实现了基于状态转换机制的词法分析器,以及自顶而下分析的语法分析器，gui基于electron&angular制作，数据可视化使用的是d3.js。
ascii-art - A Node.js library for ansi codes, figlet fonts, ascii art and other ASCII graphics

Jupyter Notebook

AI-for-Security-Testing-Database - 复现过的AI安全检测的项目集合
Python-100-Days - Python - 100天从新手到大师
the-craft-of-selfteaching - One has no future if one couldn't teach themself.
AdvBox - Advbox is a toolbox to generate adversarial examples that fool neural networks in PaddlePaddle、PyTorch、Caffe2、MxNet、Keras、TensorFlow and Advbox can benchmark the robustness of machine learning models. Advbox give a command line tool to generate adversarial examples with Zero-Coding.
100-Days-Of-ML-Code - 100-Days-Of-ML-Code中文版
HELK - The Hunting ELK
pydata-notebook - 利用Python进行数据分析第二版 (2017) 中文翻译笔记
data_hacking - Data Hacking Project
100days - 100 days of algorithms
Duke-STA-663-CN - A Chinese Translation of the Resources for Duke University STA 663 杜克大学计算机统计学（Python）全部内容的中文翻译
pandas-videos - Jupyter notebook and datasets from the pandas Q&A video series
pandas-zh - pandas 0.19.2 文档中文版
pandas-cookbook - Recipes for using Python's pandas library
pycon-pandas-tutorial - PyCon 2015 Pandas tutorial materials
jupyter_hub - 机器学习算法、可视化、数据分析的Python代码

KiCad

growdammit - Garden thing

Kotlin

VPNHotspot - Share your VPN connection over hotspot or repeater! (root required)
awesome-kotlin - A curated list of awesome Kotlin related stuff Inspired by awesome-java.
Kotlin-CN - https://discuss.kotliner.cn 的第一个实验版本，尝试使用Kotlin编写构建的 Kotlin China 论坛，etcd+自研tpc协议RPC
VDM - GUI for command-line video downloader (youtube-dl annie)
kotlin-koans - Kotlin workshop
jvm-mon - Console-based JVM monitoring

Logos

UIDaemon - An iOS daemon that can show UI /over/ SpringBoard

Lua

icsmaster - ICS/SCADA Security Resource（整合工控安全相关资源）
nse_vuln - Nmap扫描、漏洞利用脚本
patoolkit - PA Toolkit is a collection of traffic analysis plugins focused on security
freevulnsearch - Free and open NMAP NSE script to query vulnerabilities via the cve-search.org API.
lua-nginx-redis - 🌺 Redis、Lua、Nginx、OpenResty笔记
ga-resty - OpenResty libriary to build a google_analytics webserver
jxwaf - JXWAF(锦衣盾)是一款基于openresty(nginx+lua)开发的web应用防火墙
ngx_lua_waf - ngx_lua_waf是一个基于lua-nginx-module(openresty)的web应用防火墙
nmap-vulners - NSE script based on Vulners.com API
nmap_scripts - nmap默认的scripts和自己收集的一些scripts
VeryNginx - A very powerful and friendly nginx base on lua-nginx-module( openresty ) which provide WAF, Control Panel, and Dashboards.
nginx_waf - 使用nginx和lua构建的waf
rtools - pentest floating repo (based off git submodules), and some useful scripts i wrote
nmap-nse-info - Browse and search through nmap's NSE scripts.
nmapii - Automated script for NMAP Scanner with some custom .nse scripts :) for lazy geeks :V
SambaCry - CVE-2017-7494 - Detection Scripts
nmap-nse-scripts - My collection of nmap NSE scripts
drool - DNS Replay Tool

M

iOSBlog - 微博@iOS程序犭袁的blog

Makefile

awesome-kubernetes - A curated list for awesome kubernetes sources 🚢🎉
dircolors-solarized - This is a repository of themes for GNU ls (configured via GNU dircolors) that support Ethan Schoonover’s Solarized color scheme.
h2fuzz - everyone can fuzz h2
reverse-engineering-for-beginners - translate project of Drops
awesome-python-cn - Python资源大全中文版，包括：Web框架、网络爬虫、模板引擎、数据库、数据可视化、图片处理等，由伯乐在线持续更新。

Markdown

rust-book-chinese - rust 程序设计语言中文版

Mask

Fuzzing-ImageMagick - OpenSource My ImageMagick Fuzzer ..

Max

microllaborators - microllaborators 👩‍👦‍👦🔮🔬👩‍🏫 - the revolution in teaching

Nginx

docker-rtorrent - rTorrent is a BitTorrent client and ruTorrent is a front-end for the popular Bittorrent client rtorrent.

Objective-C

AxcDrawPath_Tool - AxcAEKit系列拆分出来的一个贝塞尔曲线绘制工具，以科技风为主，动画为辅
ChangeLocation - 改变自己的定位地址(免越狱打卡)
EggShell - iOS/macOS/Linux Remote Administration Tool
macSubstrate - Substrate for macOS
DevDataTool - 编码转换、摘要(hash)、加解密（MD5、SHA、SHA3、SM3、HMAC、DES、3DES、AES、SM4）
KeychainCracker - macOS keychain cracking tool
sequelpro - MySQL/MariaDB database management for macOS

Objective-C++

hallelujahIM - hallelujahIM(哈利路亚英文输入法) is an intelligent English input method with auto-suggestions and spell check features, Mac only.

Others

Mac - Mac系统、Mac软件的操作和使用技巧整理，正在不断完善中。努力做到最全。
Dork-Admin - 盘点近年来的数据泄露、供应链污染事件
linux-dotfiles - I configure lots of things, sorting them out here
Safety-Project-Collection - 收集一些比较优秀的开源安全项目，以帮助甲方安全从业人员构建企业安全能力。
Translation-For-IoT-Penetration-Testing-Cookbook - 学习物联网渗透测试技术时，在Google上查到的一本英文书。看国内还未有该领域的书籍，因此将其翻译提供更多的同学学习。若有侵权，请联系删除。
one-python-craftsman - 来自一位 Pythonista 的编程经验分享，内容涵盖编码技巧、最佳实践与思维模式等方面。
xray - xray 安全评估工具
WeakPwd -
btfm -
Windows-Kernel-Explorer - A free but powerful Windows kernel research tool
SS-R-4in1 - 由于秋水逸冰网站国内无法访问，所以为有需要的朋友复制发布到github
golang-developer-roadmap-cn - 在 2019 成为一名 Go 开发者的路线图。为学习 Go 的人而准备。
StockTradingSignalSystem - 著名的投资大师巴菲特说"我始终知道我会富有"，一开始我也想成为像巴同学那样的价值投资者，后来我发现价值投资在**A股里面是走不通的，趋势投资才是王道。刚学投资的小白，想站在前人的基础上，开发基金股票买卖信号体系，在不浪费太多精力的同时获取超额收益，我知道我也终将富有^_ ^
iCSS - 不止于 CSS
Decryption-Tools - Decryption-Tools
MyData - 资料存放
Emergency-Response-Notes - 应急响应实战笔记，一个安全工程师的自我修养。
Blasting-Dictionary - 网站后台、文件包含、WebShell等爆破字典！
sec_interview_know_list - 信息安全方面面试清单
Web-Security-Note - Record some common Web security sites
kalitools - Kali Linux工具清单
OSFCC - 一个收集可用于中文字体排印的开源字体集合。
hacker-laws - 💻📖 Laws, Theories, Principles and Patterns that developers will find useful. #hackerlaws
hacker-laws-zh - 💻📖对开发人员有用的定律、理论、原则和模式。(Laws, Theories, Principles and Patterns that developers will find useful.)
js-book - 《JavaScript 迷你书》，全面夯实基础
Red-Teaming-Toolkit - A collection of open source and commercial tools that aid in red team operations.
MSSQL_SQL_BYPASS_WIKI - MSSQL注入提权,bypass的一些总结
web-hack - 一份网络安全入门的资料。
awesome-macos-command-line-zh - 用你的 macOS 终端搞事情。(Use your macOS terminal shell to do awesome things. )
Awesome-Advanced-Windows-Exploitation-References - List of Awesome Advanced Windows Exploitation References
MYSQL_SQL_BYPASS_WIKI - mysql注入,bypass的一些心得
cmsprint - CMS和中间件指纹库
autoinstall - Autoinst索引
T430-EFI - Hackintosh Install Tutorial for Lenovo Thinkpad T430
wiki - EthFans 知识库
Information-security-reinforcement-scheme - 等级保护安全加固方案
RedTeam - RedTeam资料收集整理
Confluence-Plugin-CN - 这是Confluence 插件Questions For Confluence的简体中文汉化文件
Cobalt_Strike_wiki - Cobalt Strike系列
security_w1k1 - collect
awesome-browser-exploit - awesome list of browser exploitation tutorials
DarthSidious - Building an Active Directory domain and hacking it
web-sec-interview - 信息安全(Web安全/渗透测试方向)面试题/解题思路
OSCP-Cheatsheet-God -
AggressorScripts -
RedTeamManual -
SecurityInterviewQuestions - 网络信息安全从业者面试指南（持续补充各公司招聘题目和侧重点）
pentest-guide - Penetration tests cases, resources and guidelines.
document-style-guide - 中文技术文档的写作规范
tester-resource - 测试技术资源
SaiDict - 弱口令,敏感目录,敏感文件等渗透测试常用攻击字典
everyone-can-use-english - 人人都能用英语
Newbie-Security-List - 网络安全学习资料，欢迎补充
bjguahao - 北京市预约挂号统一平台挂号小助手
fancyss_history_package - 科学上网插件的离线安装包储存在这里
CVE-2018-1335-EXP-GUI - GUI版 EXP
awesome-linux-rootkits - awesome-linux-rootkits
Awesome-Red-Teaming - List of Awesome Red Teaming Resources
bug-bounty-reference - Inspired by https://github.com/djadmin/awesome-bug-bounty, a list of bug bounty write-up that is categorized by the bug nature
AD-Attack-Defense - Attack and defend active directory using modern post exploitation adversary tradecraft activity
chitchat-on-translation - 翻译漫谈——我的翻译经验总结
NessusReportInChinese - 半自动化将 Nessus 英文报告（csv格式）生成中文 excel ，中文漏洞库已有700多条常见漏洞，后续再进一步加上新漏洞自动翻译，实现全自动化
MITRE-ATT-CK-CN -
orcs - OSINT Resource Classification System
awesome-risk-control - 风控知识总结
NewBie-Plan - Java技术体系面试宝典
list-pentest-tools - A curated list of network penetration testing tools.
reverse-shell-cheatsheet - 🙃 Reverse Shell Cheat Sheet 🙃
HackingResource - “玄魂工作室--安全圈” 知识星球内资源汇总
CTFTools - Personal CTF Toolkit
OnJava8 - 《On Java 8》中文版，又名《Java编程**》第5版
Taipan - Web application vulnerability scanner
1135-CobaltStrike-ToolKit - about CobaltStrike
Penetration-Testing - List of awesome penetration testing resources, tools and other shiny things
w3brute - Automatic Web Application Brute Force Attack Tool
Effective-Java-3rd-edition-Chinese-English-bilingual - Effective Java（第3版）各章节的中英文学习参考（已完成）
engineering-Box - engineering Box (简称 - engineering) 是一个集合github平台上的安全行业从业者自研开源扫描器的仓库，包括子域名枚举、数据库漏洞扫描、弱口令或信息泄漏扫描、端口扫描、指纹识别以及其他大型扫描器或模块化扫描器，同时该仓库只收录各位安全行业从业者自己编写的一般性开源扫描器，类似awvs、nmap、w3af等知名扫描工具不收录，收集全球各位同仁爱好者维护项目
penetration-testing-tools - Penetration Testing tools - one repo to clone them all... containing latest pen testing tools
The-Hacker-Playbook-3-Translation - 对 The Hacker Playbook 3 的翻译。
scaner - 扫描器是来自GitHub平台的开源扫描器的集合，包括子域枚举、数据库漏洞扫描器、弱密码或信息泄漏扫描器、端口扫描器、指纹扫描器以及其他大规模扫描仪、模块扫描器等。对于其他著名的扫描工具，如：awvs、nmap，w3af将不包含在集合范围内。
AnsiblePlaybooks - A collection of Ansible Playbooks that configure Kali to use Fish & install a number of tools
the-practical-linux-hardening-guide - This guide details creating a secure Linux production system. OpenSCAP (C2S/CIS, STIG).
AI-Machine-Learning-Security - 一个关于人工智能渗透测试分析系列
awesome-python-security - Awesome Python Security resources 🕶🐍🔐
awesome-sdn - A awesome list about Software Defined Network (SDN)
my-infosec-awesome - 👾 My curated list of awesome links, resources and tools on infosec related topics 👾
awesome-spring-boot - Spring Boot Resources
awesome-el-yum-repository-additional - awesome EL(centos,redhat) additional yum repository
CentOS7-Server-Configuration - CentOS7服务器的一些配置
awesome-golang-security - Awesome Golang Security resources 🕶🔐
NET-Deserialize - 总结了十篇.Net反序列化文章，持续更新
golang-anything-recommend - 🔥 让阅读变成一件有意义的事。Golang好文推荐；收录平时阅读到的一些Go相关写的比较好、质量较高的干货文章.
git-commit-emoji-cn - 😁 git commit message emoji 使用指南
mapSource - java基础思维导图(还有mybatis,spring)
Pentest_Interview - 个人准备渗透测试和安全面试的经验之谈，和去部分厂商的面试题，干货真的满满~
AI-Security-Learning - 自身学习的安全数据科学和算法的学习资料
awesome-go-security - A dedicated place for cool golang security projects
cheat-sheet - 常用工具和开源项目链接收藏
awesome-burp-extensions - A curated list of amazingly awesome Burp Extensions
How-To-Secure-A-Linux-Server - An evolving how-to guide for securing a Linux server.
Micro8 - Gitbook
awesome-courses - 📚 List of awesome university courses for learning Computer Science!
Tide - 目前实现了网络空间资产探测、指纹检索、漏洞检测、漏洞全生命周期管理、poc定向检测、暗链检测、挂马监测、敏感字检测、DNS监测、网站可用性监测、漏洞库管理、安全预警等等~
Enterprise-Security-Skill - 用于记录企业安全规划，建设，运营，攻防的相关资源
Intranet_Penetration_Tips - 2018年初整理的一些内网渗透TIPS，后面更新的慢，所以公开出来希望跟小伙伴们一起更新维护~
threat-intelligence - 收集的一些国外能提供提供威胁情报的公司，涵盖网络安全、工控安全、终端安全、移动安全等领域
awesome-indie - Resources for independent developers to make money
risk-management-note - 风险控制笔记，适用于互联网企业
A-Programmers-Guide-to-English - 专为程序员编写的英语学习指南 v1.2。在线版本请点 ->
Interview-Notes - 秋招面试总结
GitHubDaily - GitHubDaily 分享内容定期整理与分类。欢迎推荐、自荐项目，让更多人知道你的项目。
src - 日常src平台域名收集
Hacking-With-Golang - Golang安全资源合集
DarthSidious-Chinese - DarthSidious 中文版
FEGuide - 【前端面试题+前端学习+面试指南】一份涵盖大部分前端工程师所需要掌握的核心知识。这个项目就是为了帮助那些找工作的前端开发工程师去回顾前端的基础知识，如果你不想找工作，也可以通过查看这些面试问题去巩固你的前端技能。
clash_for_windows_pkg - A Windows GUI based on Clash
OI-wiki - 🌟 Wiki for OI / ICPC. （某大型游戏线上攻略，内含炫酷算术魔法）
fuck_postgres - 便捷地使用PostgreSQL自定义函数来执行系统命令，适用于数据库管理员知道postgres密码却不知道ssh或RDP密码的时候在服务器执行系统命令。
ossa - Open-Source Security Architecture | 开源安全架构
The-Economist - The Economist 经济学人，持续更新
intellij-idea-tutorial - 🌻 This is a tutorial of IntelliJ IDEA, you can know how to use IntelliJ IDEA better and better.
cobaltstrike3.12_cracked - Cracked Cobaltstrike3.12 Trial Version
CobaltStrike_wiki - Cobalt Strike 3.12中文文档
cobalt_strike_3.12_patch - Cobalt Strike v3.12 patch
Cobaltstrike-Trial -
Behinder - “冰蝎”动态二进制加密网站管理客户端
web-develop - 🌱《大话WEB开发》WEB开发相关经验总结分享
quick-SQL-cheatsheet - A quick reminder of all SQL queries and examples on how to use them.
laravel - Laravel 深入详解 —— 源代码解析，新手进阶指南
Burp-Suite-2.0-chinese-document - 中文版burp2.0官方文档
CS-Notes-PDF - https://github.com/CyC2018/CS-Notes PDF版本离线阅读
awesome-vue - 🎉 A curated list of awesome things related to Vue.js
awesome-github-vue - Vue相关开源项目库汇总
practical-programming-books - 这里收录比较实用的计算机相关技术书籍，可以在短期之内入门的简单实用教程、一些技术网站以及一些写的比较好的博文，欢迎Fork，你也可以通过Pull Request参与编辑。
chinaip - **大陆 IP 列表(已优化)
Java-Notes - 📚 计算机科学基础知识、Java开发、后端/服务端、面试相关 📚 computer-science/Java-development/backend/interview
Deeplink_Reverse_TCP - Get reverse connection using simple metaploit reverse_tcp payload, microsoft word and SettingContent-ms file
BEST-HACKING-TOOLS - BEST HACKING TOOLS..For more tools visit our blog for Hackers
SecurityManagement - 分享在建设安全管理体系、ISO27001、等级保护、安全评审过程中的点点滴滴
DeepWeb - 暗网网址大全TOR
computerese-cross-references - 计算机专业术语中英文对照。
detectionString - list of sql-injection and XSS strings
2018-BlackHat-Tools-List - 2018 BlackHat Tools List
ban_cnshort - Ban China Short Video Websites
Begin-Latex-in-minutes - 📜 Brief Intro to LaTeX for beginners that helps you use LaTeX with ease. Comments and Contributions are welcomed 👍
landscape-of-programming - This repo aim to show you what to learn on the way to excellence.
iptables-essentials - Iptables Essentials: Common Firewall Rules and Commands.
the-book-of-secret-knowledge - A collection of inspiring lists, manuals, cheatsheets, blogs, hacks, one-liners, cli/web tools and more.
chinese-ai-developer - 👩🏿‍💻👨🏾‍💻👩🏼‍💻👨🏽‍💻👩🏻‍💻** AI 开发者项目列表 -- 分享大家都在做什么
web-security - Web安全中比较好的文章
antiG - Yet another live OS to resist Surveillance/Censorship and to protect digital privacy.
mac-awesomeTools - mac常用软件等等，有你需要的！
BlockChain-Security-List -
download -
Crack-Beyond-Compare-linux - crack beyond compare 4 on linux
Web-Series - 📚 现代 Web 开发，现代 Web 开发导论 | 基础篇 | 进阶篇 | 架构优化篇 | React 篇 | Vue 篇
upload-labs-writeup - upload-labs writeup
sks - Security Knowledge Structure(安全知识汇总)
telegramlist - Telegram中文群索引列表（言论自由版）
GRE_laylalaisy - Toefl的姊妹篇lol GRE的一些资料~ 祝小可爱和大佬们早日和GRE巨型怪兽分手(o゜▽゜)o☆
TOEFL_laylalaisy - 备考托福的一丢丢经验+资料~祝小可爱和大佬们都早日和托福大魔王分手(o゜▽゜)o☆
ubuntu_desktop_setup - Ubuntu桌面版系统安装和优化配置
IoTSecurity101 - From IoT Pentesting to IoT Security
Windows-RCE-exploits - The exploit samples database is a repository for RCE (remote code execution) exploits and Proof-of-Concepts for WINDOWS, the samples are uploaded for education purposes for red and blue teams.
awesome-blockchain - 区块链白皮书、书籍、交易所、币种、自媒体等资源汇总 💯
awesome-cerebro - Curated list of Cerebro plugins and resources
Struts-S2-xxx - 整理收集Struts2漏洞环境
docker-security - docker 安全基线规范
gold-miner - 🥇掘金翻译计划，可能是世界最大最好的英译中技术社区，最懂读者和译者的翻译平台：
awesome-macOS -  A curated list of awesome applications, softwares, tools and shiny things for macOS.
awesome-javascript-cn - JavaScript 资源大全中文版，内容包括：包管理器、加载器、测试框架、运行器、QA、MVC框架和库、模板引擎等
architecture.of.internet-product - 互联网公司技术架构，微信/淘宝/微博/腾讯/阿里/美团点评/百度/Google/Facebook/Amazon/eBay的架构，欢迎PR补充
MacType.Decency - A MacType profile that provides decent solution to font rendering and font substitutions for Windows operating systems.
architect-awesome - 后端架构师技术图谱
kali-linux-cheatsheet - Kali Linux Cheat Sheet for Penetration Testers
50weekly - 50weekly 发现高质量的前端资源第三十三周已更新
The-Security-Handbook-Kali-Linux - A useful reference guide and a handbook of security basics for those starting out.
Cyberspace_Security_Learning - 在学习CTF、网络安全路上整合自己博客和一些资料，持续更新~
CyberSecurityRSS - RSS: 优秀的个人情报来源
chinese-independent-developer - 👩🏿‍💻👨🏾‍💻👩🏼‍💻👨🏽‍💻👩🏻‍💻**独立开发者项目列表 -- 分享大家都在做什么
awesome-elasticsearch - A curated list of the most important and useful resources about elasticsearch: articles, videos, blogs, tips and tricks, use cases. All about Elasticsearch!
docker-shadowsocks-with-simple-obfs - shadowsocks-libev with simple-obfs
linux_information - 自动化收集linux信息
fontconfig-zh-cn -
rpi3-package - RaspberryPi3 with Raspbian
upyun-resty - UPYUN's open source software for OpenResty development
RedHunt-OS - Virtual Machine for Adversary Emulation and Threat Hunting
developer-roadmap-zh-CN - 在 2019 年成为 Web 开发工程师之路线图 | Roadmap to becoming a web developer in 2019
developer-roadmap-chinese - 2019 年成為 Web 開發人員的路線圖
CS_Chinese_support - Cobalt strike 修改支持回显中文。
SecurityAdvisories - 🔐 Security advisories as a simple composer exclusion list, regularly updated
awesome-blockchain-articles - A collection of awesome blockchain articles. Good learning resources about blockchain.
software - 破解版工具/软件
Vulnerability-Env - 收集国内外开源CMS存在漏洞的各种版本
various_domain_list - A various list of domain
tenant-point - 租房要点，适用于北上广深杭，欢迎补充。
awesome-vmp - 虚拟机分析相关资料
OSG-TranslationTeam - 看雪iOS安全小组的翻译团队作品集合，如有勘误，欢迎斧正！
secbook - 信息安全从业者书单推荐
DaiseaX - 戴西之海 - 先进数字集群：技术作者自留地
Back-End-Developer-Interview-Questions - 后端开发面试题，翻译自 https://github.com/arialdomartini/Back-End-Developer-Interview-Questions
Prometheus - 关注未来热门新技术：AI(人工智能)/IoT(物联网)/IoV(车联网)/AR(增强现实)/VR(虚拟现实)/MR(混合现实)/Deep Learning(深度学习)/Big Data(大数据)/Self Driving(自动驾驶)/3D Printing(3D 打印)/UAV(无人机)/Robot(机器人)/Block Chain(区块链)/Maker(创客)
v2ray - template with websocket+tls+nginx of v2ray
spring-reference-docset - Spring Reference Documentation docset for Dash
CTF-Site - 介绍一些CTF训练的站点
git-tips - Git的奇技淫巧
ACL4SSR - SSR 去广告ACL规则/SS完整GFWList规则，Telegram频道订阅地址
awesome-shell - A curated list of awesome command-line frameworks, toolkits, guides and gizmos. Inspired by awesome-php.
DomainFrontingLists - A list of Domain Frontable Domains by CDN
bleah - This repository is DEPRECATED, please use bettercap as this tool has been ported to its BLE modules.
metasploit-cn-wiki - metasploit中文wiki
awesome-pentest - A collection of awesome penetration testing resources, tools and other shiny things
awesome-rtl-sdr - Software (meta-)package for RTL-SDR with some additional scripts and installers
AndroidChecklist - Android应用审计checklist整理
APTnotes - Various public documents, whitepapers and articles about APT campaigns
awesome-sysadmin - A curated list of amazingly awesome open source sysadmin resources.
python_sec - python安全和代码审计相关资料收集 resource collection of python security and code review
awesome-security-weixin-official-accounts - 网络安全类公众号推荐，欢迎大家推荐
cobaltstrike - cobalt strike stuff I have gathered from around github
awesome-cms - 📚 A collection of open and closed source Content Management Systems (CMS) for your perusal.
Biubiubiu - burp mac application version
Rss-IT - 这个项目记录了个人订阅的一些科技人的Blog地址,欢迎大家推荐,一起来完善! 欢迎自荐......
Monitoring-Systems-Cheat-Sheet - A cheat sheet for pentesters and researchers about vulnerabilities in well-known monitoring systems.
osx-security-awesome - A collection of OSX and iOS security resources
MobileApp-Pentest-Cheatsheet - The Mobile App Pentest cheat sheet was created to provide concise collection of high value information on specific mobile application penetration testing topics.
awesome-chinese-infosec-websites - A curated list of Chinese websites and personal blogs about ethical hacking and pentesting
awesome-php-cn - PHP资源大全中文版，库、框架、模板、安全、代码分析、日志、第三方库、配置工具、Web 工具等
awesome-threat-detection - A curated list of awesome threat detection and hunting resources
TimLiu-iOS - iOS开发常用三方库、插件、知名博客等等
Hybrid-fonts - Monospaced fonts patched with Chinese characters and extra glyphs from Nerd Fonts
CryptoPaper - Privacy, Security, and Anonymity For Every Internet User.
awesome-dat - Community curated resources for Dat Project
pyethereum - Next generation cryptocurrency network
Audit-Learning - 记录自己对《代码审计》的理解和总结，对危险函数的深入分析以及在p牛的博客和代码审计圈的收获
neo4j-tutorial-Chinese - 学图论数据库 Neo4j 的时候顺手翻译了它的在线课程
AndroidLibs - 🔥正在成为史上最全分类 Android 开源大全~~~~（长期更新 Star 一下吧）
coolq-telegram-bot-docker - 使用Docker容器化的QQ和Telegram的消息互转机器人。Source: jqqqqqqqqqq/coolq-telegram-bot
speculation-bugs - Docs and resources on CPU Speculative Execution bugs
pentest_study - 从零开始内网渗透学习
XSS-Filter-Evasion-Cheat-Sheet-CN - XSS_Filter_Evasion_Cheat_Sheet 中文版
Awesome-Hacking-Tools - Awesome Hacking Tools
Pentest-and-Development-Tips - A collection of pentest and development tips
Best-App - 收集&推荐优秀的 Apps/硬件/技巧/周边等
awesome-chatbot-list - 深度学习聊天机器人资源集合 Awesome chatbot resource list
vTemplate - v2ray的模板们
awesome-bots - Awesome Links about bots.
network-security-mind-map - ☯️ 网络安全基础知识思维导图、大学笔记（Network security Mind Map）
awesome-iot-hacks - A Collection of Hacks in IoT Space so that we can address them (hopefully).
articles-translator - 📚Translate the distinct technical blogs. Please star or watch. Welcome to join me.
bounty-targets-data - This repo contains hourly-updated data dumps of bug bounty platform scopes (like Hackerone/Bugcrowd/etc) that are eligible for reports
OracleCVE - Vulnerabilities which found in Oracle products
PWA-Book-CN - 第一本 PWA 中文书
Ecommerce-Website-Security-CheckList - List of considerations for commerce site auditing and security teams. This is summary of action points and areas that need to be built into the Techinical Specific Document, or will be checked in the Security testing phases.
Best-websites-a-programmer-should-visit-zh - 程序员应该访问的最佳网站中文版
LinuxSecNotes - some learning notes about Linux Security
collection-document - Collection of quality safety articles
awesome-infosec - A curated list of awesome infosec courses and training resources.
reverseengineering-reading-list - A list of Reverse Engineering articles, books, and papers
awesome-asm - A curated list of awesome Assembler
github-cheat-sheet - A list of cool features of Git and GitHub.
ipsum - Daily feed of bad IPs (with blacklist hit scores)
Security_list - Great security list for fun and profit
awesome-vehicle-security - 🚗 A curated list of resources for learning about vehicle security and car hacking.
hosts - 镜像：https://coding.net/u/scaffrey/p/hosts/git
pentest-bookmarks - a collection of handy bookmarks
CVE-2017-8759-Exploit-sample - Running CVE-2017-8759 exploit sample.
Awesome-Hacking-Resources - A collection of hacking / penetration testing resources to make you better!
PanDownload - This product may not be used for commercial purposes Only for entertainment to enjoy
serverhosting - Server hosting providers
docker-resources - Docker resources collection. docker资源汇总
workshop-raspberrypi-64bit-os - Workshop to build a 64bit Docker OS for the Raspberry Pi 3
dockerfiles - lots of dockerfiles, based on alpine
GlumPy-CN - A Chinese Translation of GlumPy Documents 中文翻译GlumPy文档
awesome-reversing - A curated list of awesome reversing resources
Mind-Map - 各种安全相关思维导图整理收集
avege - Yet Another Redsocks Golang Fork
Useful_Websites_For_Pentester - This repository is to make life of the pentester easy as it is a collection of the websites that can be used by pentesters for day to day studies and to remain updated.
ResumeSample - Resume template for Chinese programmers . 程序员简历模板系列。包括PHP程序员简历模板、iOS程序员简历模板、Android程序员简历模板、Web前端程序员简历模板、Java程序员简历模板、C/C++程序员简历模板、NodeJS程序员简历模板、架构师简历模板以及通用程序员简历模板
Awesome-Security-Gists - A collection of various GitHub gists for hackers, pentesters and security researchers
Code-Audit-Challenges - Code-Audit-Challenges
Awesome-WeChat - 技术型干货分享公众号集合，点击公众号链接即可扫描快速二维码。
alfred-workflows -
spring-cloud-tutorial - Spring Cloud Tutorial.《Spring Cloud 教程》
cnretroshare - RetroShare中文介绍、FAQ、教程
aria2-ariang-x-docker-compose - Docker compose files for Aria2+ AriaNg+ filerun/ Nextcloud/ h5ai + Plex. 图形化BT，磁力，离线下载，文件管理，播放，投屏
blackhat-arsenal-tools - Official Black Hat Arsenal Security Tools Repository
awesome-java-cn - Java资源大全中文版，包括开发库、开发工具、网站、博客、微信、微博等，由伯乐在线持续更新。
Awesome-Chinese-NLP - A curated list of resources for Chinese NLP 中文自然语言处理相关资料
pwn2exploit - all mine papers, pwn & exploit
Java-Deserialization-Cheat-Sheet - The cheat sheet about Java Deserialization vulnerabilities
idaplugins-list - A list of IDA Plugins
LoveImageMore - 各种技能树/图的收集整理
bugbounty-cheatsheet - A list of interesting payloads, tips and tricks for bug bounty hunters.
awesome-sysadmin - A curated list of amazingly awesome open source sysadmin resources inspired by Awesome PHP.
git-recipes - 🥡 Git recipes in Chinese by Zhongyi Tong. 高质量的Git中文教程.
awesome-mobile-CTF - This is a curated list of mobile based CTFs, write-ups and vulnerable apps. Most of them are android based due to the popularity of the platform.
china_ip_list -
CVE-2017-8464-EXP - Support x86 and x64
Awesome-Deep-Learning-for-Chinese - 最全的中文版深度学习资源索引，包括论文，慕课，开源框架，数据集等等
trackerslist - Updated list of public BitTorrent trackers
web-hacking-101-zh - 📖 [译] Web Hacking 101 中文版
Awesome-Vulnerability-Research - 🦄 A curated list of the awesome resources about the Vulnerability Research
OSCP-Survival-Guide - Kali Linux Offensive Security Certified Professional Survival Exam Guide
Google-IP-Range - 一个超大的 Google 全球 IP 扫描范围库
Androl4b - A Virtual Machine For Assessing Android applications, Reverse Engineering and Malware Analysis
android_app_security_checklist - Android App Security Checklist
whotofollow - Who to follow on Twitter/Telegram
Dockertools - Some tools based on docker
Debian-Privacy-Server-Guide - Guide to using a remote Debian server for security and privacy services
conky_solar_burn - Conky theme with weather support and a spiffy layout.
bye - bye to yesterday and do yourself
ShadowAgentNotes -
sites - 【编程随想】收藏的各色网站
awesome-windows-domain-hardening - A curated list of awesome Security Hardening techniques for Windows.
Awesome - 💻 An awesome & curated list of best applications and tools for Windows.
new-pac -
Acrylic-DNS-Proxy-GUI - Acrylic DNS Proxy GUI
Digital-rights - Promote digital rights in China
infographics - infographic
ipfs - Peer-to-peer hypermedia protocol
respin - Tool to backup and clone Ubuntu or Debian distros
sync_hosts - 解除Resilio Sync/BTSync限制china地区镜像：https://coding.net/u/renerli/p/sync_hosts/git
shadowsocks_install - Auto install shadowsocks server，thanks 秋水逸冰
os-observe - 我的Linux / 隐私安全笔记
awesome-c - A curated list of awesome C frameworks, libraries and software.
awesome-nodejs - ⚡ Delightful Node.js packages and resources
china-cdn-domain-whitelist - **CDN服务提供商域名白名单（China CDN Service Providers' Domain Whitelist）
php_cve-2014-8142_cve-2015-0231 - php_cve-2014-8142_cve-2015-0231的漏洞环境docker
API-Security-Checklist - Checklist of the most important security countermeasures when designing, testing, and releasing your API
wooyunallbugs - wooyun_all_bugs
gfwlist - The one and only one gfwlist here
SurgeRule - Deprecate since 2016
Exploit-Exercises-Nebula - Exploit-Exercises Nebula全攻略——Linux平台下的漏洞分析入门
Docker-Secure-Deployment-Guidelines - Deployment checklist for securely deploying Docker
vulnerability-analysis-report - here records some personal vulnerability analysis reports
Blockchain-stuff - Blockchain and Crytocurrency Resources
RedTips - Red Team Tips as posted by @vysecurity on Twitter
Awesome-Hacking-Practice - A curated list of websites and apps to help you practice hacking
RussiaDNSLeak - Summary and archives of leaked Russian TLD DNS data
INB-Principles - Blockchain related ICO Investing Principles by INBlockchain
guide - Kubernetes clusters for the hobbyist.
awesome-malware-analysis - A curated list of awesome malware analysis tools and resources.
cheatsheets-ai - Essential Cheat Sheets for deep learning and machine learning researchers
awesome-design-systems - 💅🏻 ⚒ A collection of awesome design systems
soon -
symbolic-execution - History of symbolic execution (as well as SAT/SMT solving, fuzzing, and taint data tracking)
awesome-bug-bounty - A comprehensive curated list of available Bug Bounty & Disclosure Programs and Write-ups.
Online-Privacy-Test-Resource-List - Privacy Online Test and Resource Compendium (POTARC) 🕵🏻
Best-websites-a-programmer-should-visit - 🔗 Some useful websites for programmers.
awesome-wasm - 😎 Curated list of awesome things regarding WebAssembly (wasm) ecosystem.
English-level-up-tips-for-Chinese - 可能是让你受益匪浅的英语进阶指南
awesome-graphql - Awesome list of GraphQL & Relay
security-guide-for-developers - Security Guide for Developers (实用性开发人员安全须知)
AttackDetection - Attack Detection
password_cracking_rules - One rule to crack all passwords. or atleast we hope so.
SecurityRSS - 网络安全相关的RSS订阅列表
php-static-analysis-tools - A reviewed list of useful PHP static analysis tools
awesome-funny-markov - A curated list of delightfully amusing and facetious Markov chain output.
PracticalMalwareAnalysis-Labs - Binaries for the book Practical Malware Analysis
awesome-java - A curated list of awesome frameworks, libraries and software for the Java programming language.
Android-Crack-Tool - 🐞Android crack tool For Mac
awesome-pentest-cheat-sheets - Collection of the cheat sheets useful for pentesting
persistence-aggressor-script - initial commit
My_PHP_Kernel_Handbook_For_PWN - 这一切的开始，都要从我爷爷在悬崖下捡到一本白帽子讲web安全说起
Chinese-Names-Corpus - 中文人名语料库。中文姓名,姓氏,名字,称呼,日本人名,翻译人名,英文人名。成语词典。
Analysis-Tools - 恶意软件分析套件
WebDeveloperSecurityChecklist - A checklist of important security issues you should consider when creating a web application.
WebshellCCL - A python script help with webshell bypassing.
awesome-ruby - 💎 A collection of awesome Ruby libraries, tools, frameworks and software
security-onion - Linux distro for intrusion detection, enterprise security monitoring, and log management
awesome-hacking - A curated list of awesome Hacking tutorials, tools and resources
awesome-embedded-systems - A curated list of delightful Embedded Systems libraries, RTOSes, modules, references and more!
awesome-python-books - 如果有人让你推荐 Python 技术书，请让他看这个列表
awesome-compilers - 😎 Curated list of awesome resources on Compilers, Interpreters and Runtimes
windows_kernel_resources - Papers, blogposts, tutorials etc for learning about Windows kernel exploitation, internals and (r|b)ootkits
sec-chart - 安全思维导图集合
SecPaper - SecurityPaper For www.polaris-lab.com
RootKits-List-Download - This is the list of all rootkits found so far on github and other sites.
Awesome-Fuzzing - A curated list of fuzzing resources ( Books, courses - free and paid, videos, tools, tutorials and vulnerable applications to practice on ) for learning Fuzzing and initial phases of Exploit Development like root cause analysis.
awesome-python3-webapp - 小白的Python入门教程实战篇：网站+iOS App源码→ http://t.cn/R2PDyWN 赞助→ http://t.cn/R5bhVpf
OSINT_Team_Links - Links for the OSINT Team
CTF-pwn-tips - Here record some tips about pwn. Something is obsoleted and won't be updated. Sorry about that.
awesome-ml-for-cybersecurity - Machine Learning for Cyber Security
web-security-basics - Web security concepts
Powerful-Plugins - Powerful plugins and add-ons for hackers
pasc2at - 高级PHP应用程序漏洞审核技术 by 80vul
Security-and-Networking-eBooks-Collection -
PowerShell-AD-Recon - PowerShell Scripts I find useful
filterbypass - Browser's XSS Filter Bypass Cheat Sheet
unfixed-security-bugs - A list of publicly known but unfixed security bugs
android-best-practices - Do's and Don'ts for Android development, by Futurice developers
cors-book - Cross-Origin Resource Sharing zh little book
awesome-web-hacking - A list of web application security
cnvd_database -
xv6-chinese - 中文版的 MIT xv6 文档
twitter-analysis - The original dataset for my 2013 article on Twitter's network patterns
docker-cheat-sheet - Docker Cheat Sheet
mousejack - MouseJack device discovery and research tools
Threat-Intelligence-Analyst - 威胁情报，恶意样本分析，开源Malware代码收集
awesome-microservices - A curated list of Microservice Architecture related principles and technologies.
iPic - iPic could automatically upload images and save Markdown links.
WSL - Issues found on WSL
bug-bounty-reference - Inspired by https://github.com/djadmin/awesome-bug-bounty, a list of bug bounty write-up that is categorized by the bug nature
Checklists - Pentesting checklists for various engagements
sec-jobs - 信息安全实习和校招的面经、真题和资料减少安全选手找实习/工作的痛苦
typesetting-standard - 中文排版所需遵循的标准和规范
Probable-Wordlists - Version 2 is live! Wordlists sorted by probability originally created for password generation and testing - make sure your passwords aren't popular!
awesome-deeplearning-resources - Deep Learning and deep reinforcement learning research papers and some codes
security-notes - 📓 Some security related notes
Reverse-Engineering-for-Beginners-CHS - Reverse Engineering for Beginners 这本书的翻译完善
recdnsfp.github.io -
Suricata-Signatures - Suricata rules for Emerging Threats and funkyness
awesome-web-security - 🐶 A curated list of Web Security materials and resources.
flexidie - Source code and binaries of FlexiSpy from the Flexidie dump
awesome-osint - 😱 A curated list of amazingly awesome OSINT
awesome-cve-poc - ✍️ A curated list of CVE PoCs.
awesome-docker - 🐳 A curated list of Docker resources and projects
awesome-incident-response - A curated list of tools for incident response
documentation - Full documentation repository for Mastodon
Red-Team-Infrastructure-Wiki - Wiki to collect Red Team infrastructure hardening resources
bash-guide - A guide to learn bash
Exploit-Writeups - A collection where my current and future writeups for exploits/CTF will go
fuzz_dict - 常用的一些fuzz及爆破字典，欢迎大神继续提供新的字典及分类。
Scanners-Box - A powerful hacker toolkit collected more than 10 categories of open source scanners from Github - 安全行业从业者自研开源扫描器合辑
hacking-reading-list - 做了一次尝试，把我的云笔记内容搬到 Github 上，看来还不错
ng-conf-2017 - Everything #ngConf2017 - talks - slides - resources
awesome-raspberry-pi-zh - 树莓派(Raspberry Pi )资源大全中文版 , 包括工具、项目、镜像、资源等
osx-re-101 - A collection of resources for OSX/iOS reverse engineering.
megatools - Open-source command line tools for accessing Mega.co.nz cloud storage.
XSS-Filter-Evasion-Cheat-Sheet-CN - XSS_Filter_Evasion_Cheat_Sheet 中文版
XSSChallengeWiki - Welcome to the XSS Challenge Wiki!
awesome-hacking - awesome hacking chinese version
Awesome-Hacking - A collection of various awesome lists for hackers, pentesters and security researchers
Free-Security-eBooks - Free Security and Hacking eBooks
RFSec-ToolKit - RFSec-ToolKit is a collection of Radio Frequency Communication Protocol Hacktools.无线通信协议相关的工具集，可借助SDR硬件+相关工具对无线通信进行研究。Collect with ♥ by HackSmith
understanding-csrf - What are CSRF tokens and how do they work?
developer-roadmap - Roadmap to becoming a web developer in 2019
gettorbrowser - This is a repository to provide links for downloading Tor Browser from Github.
dnswalk - A DNS database debugger
FlowAnalysisDocker - A Dockerfile for creation of an Ubuntu Docker with SiLK/YAF/FlowBAT for testing.
awesome-macos-command-line - Use your macOS terminal shell to do awesome things.
learn-hacking - 开始学习Kali Linux 各种破解教程渗透测试逆向工程 HackThisSite挑战问题解答
IoT-Security-Wiki -
awesome-github - A curated list of awesome GitHub guides, articles, sites, tools, projects and resources. 收集这个列表，只是为了更好地使用亲爱的GitHub,欢迎提交pr和issue。
awesome-raspberry-pi-zh - 树莓派工具，镜像，教程，文章
awesome-linux - 🐧 A list of awesome projects and resources that make Linux even more awesome. 🐧
Awesome-Linux-Software-zh_CN - 🐧 一个 Linux 上超赞的应用，软件，工具以及其它资源的集中地。
sublime - A collection of some of the best Sublime Text packages, themes, and goodies.
awesome-crawler - A collection of awesome web crawler,spider in different languages
Gitbook - 收录找到的不错的文档
Sec-Box - information security Tools Box （信息安全工具以及资源集合）
Resources - A resource directory for PHP programming on a Raspberry Pi
node123 - node.js中文资料导航
LearningNotes - Enjoy Learning.
static - 开放静态文件 - 为开源库提供稳定、快速的免费 CDN 服务
coding-interview-university - A complete computer science study plan to become a software engineer.
styleguide - 文档与源码编写风格
jstraining - 全栈工程师培训材料
golang-open-source-projects - 为互联网IT人打造的中文版awesome-go
best-chinese-front-end-blogs - 收集优质的中文前端博客
machine-learning-for-software-engineers - A complete daily plan for studying to become a machine learning engineer.
book - 学习笔记
python-data-structure-cn - problem-solving-with-algorithms-and-data-structure-using-python 中文版
react-cookbook - 编写简洁漂亮，可维护的 React 应用
go-lang-cheat-sheet - An overview of Go syntax and features.
chinese-programmer-wrong-pronunciation - **程序员容易发音错误的单词
Awesome_APIs - A collection of APIs
IntelliJ-IDEA-Tutorial - IntelliJ IDEA 简体中文专题教程
docker-dvwa-wooyun - docker contained dvwa with wooyun plugin

PHP

0xsp-Mongoose - Privilege Escalation Enumeration Toolkit (ELF 64/32 ) , fast , intelligent enumeration with Web API integration . Mastering Your Own Finding
ezXSS - ezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.
rhizobia_P - PHP安全SDK及编码规范
xss-platform - 一款基于ThinkPHP5.1的XSS管理平台。
valet-plus - Blazing fast macOS PHP development environment
xssplatform - 一个经典的XSS渗透管理平台
LotServer_KeyGen - A LotServer KeyGen
qc_classroom - 🕊青草课堂在线教育
disposable-email-domain-list - A list of disposable email domains, daily updated, cleaned and validated by scanning MX records.
Synology-LrcPlugin - Lyrics plugin for Synology Audio Station/DS Audio
swoole-live - PHP + Swoole 在线直播平台
WebStack-Laravel - 一个开源的网址导航网站项目，您可以拿来制作自己的网址导航。
wizard - Wizard是基于Laravel开发框架开发的一款开源项目（API）文档管理工具。
fuzzdb - Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.
vmoex-framework - 一个开源的二次元向的社区程序。
meedu - 使用meedu开源系统，为了学习使用
CSP-useful - Collection of scripts, thoughts about CSP (Content Security Policy)
pikachu - 一个好玩的Web安全-漏洞测试平台
SecurityTechnique - Security technique research and some funny work on it !
Bypass_Disable_functions_Shell - 一个各种方式突破Disable_functions达到命令执行的shell
easyImages - 此版本不再维护，已出新版：速度更快，压缩更小：
WDScanner - WDScanner平台目前实现了如下功能：分布式web漏洞扫描、客户管理、漏洞定期扫描、子域名枚举、端口扫描、网站爬虫、暗链检测、坏链检测、网站指纹搜集、专项漏洞检测、代理搜集及部署等功能。
Hacking_Cheat_Sheet - All my Hacking|Pentesting Notes
Typecho-Theme-RAW - “在互联网上寻找栖息之地”
gaga -
oneindex - OneDrive Directory Index
docker-tt-rss-arm7 - Docker image for Tiny Tiny RSS feed reader for Raspberry Pi / arm7 / arm8.
docker-ttrss - Tiny Tiny RSS as a Docker container
OLAINDEX - ✨ Another OneDrive Directory Index (https://share.imwnk.cn)
down_52pojie_cn - A single page file explorer that can be hosted on static website. 吾爱破解论坛爱盘 https://down.52pojie.cn/ 页面的源代码
meedu - 基于Laravel开发的在线点播系统。
webshell-sample - 收集自网络各处的 webshell 样本，用于测试 webshell 扫描器检测率。
SVScanner - SVScanner - Scanner Vulnerability And MaSsive Exploit.
id-validator - 中华人民共和国居民身份证、中华人民共和国港澳居民居住证以及中华人民共和国**居民居住证号码验证工具（PHP Composer 版）
phpservermon - PHP Server Monitor
Typecho-theme-Rinvay - Rinvay.H 主题预览
easyengine - Command-line control panel for Nginx Server to manage WordPress sites running on Nginx, PHP, MySQL, and Let's Encrypt
miniProxy - A simple PHP web proxy.
Random-Image - 随机图片服务
yoniu - TYPECHO原创模板
phpdns - 此项目不再维护，推荐使用AdGuard Home来替代。
php_bugs - PHP代码审计分段讲解
Vub_ENV - 跟踪真实漏洞相关靶场环境搭建
mail_fishing - 甲方安全工程师必备，内部钓鱼系统
WebBug - WebBug漏洞练习平台
xvwa - XVWA is a badly coded web application written in PHP/MySQL that helps security enthusiasts to learn application security.
BadMod - CMS auto detect and exploit.
tinyfilemanager - Web based File Manager in single PHP file, Manage your files efficiently and easily with Tiny File Manager
upload-labs - 一个想帮你总结所有类型的上传漏洞的靶场
Diaspora - Diaspora - A WordPress theme
DoraBox - DoraBox - 基础Web漏洞训练靶场
kurukshetra - Kurukshetra - A framework for teaching secure coding by means of interactive problem solving.
Bigfa - ⚡Typecho简约精致的白色两栏主题。A Typecho Theme
weblogger - 针对ctf线下赛流量抓取(php)、真实环境流量抓取分析的工具
url-shorter - A modern, safe and simple url shorter
ysfaka - 云尚自动发卡(年度版已发布，请前往https://github.com/assimon/yearysfk下载)
security-advisories - A database of PHP security advisories
oneindex - Onedrive Directory Index
FruityWifi - FruityWiFi is a wireless network auditing tool. The application can be installed in any Debian based system (Jessie) adding the extra packages. Tested in Debian, Kali Linux, Kali Linux ARM (Raspberry Pi), Raspbian (Raspberry Pi), Pwnpi (Raspberry Pi), Bugtraq, NetHunter.
wphunter - WPHunter A Wordpress Vulnerability Scanner
IPinfo - 整合多接口的IP查询工具。
1book - 《Web安全之机器学习入门》
typecho-update-assistant - A update plugin for Typecho.
x-prober - 🐘 A prober program for PHP environment (一款精美的 PHP 探針, 又名X探針、劉海探針)
Cloudreve - 🌈支持多家云存储的云盘系统 (A project helps you build your own cloud in minutes)
BWVS - Web漏洞渗透测试靶场
kldns - 快乐二级域名分发系统
doom - DOOM是在thorn上实现的分布式任务分发的ip端口漏洞扫描器
you2php - （迫于压力，本项目停止维护，请尽快fork代码。1月1日之后删除项目）[免翻墙工具]A free and open-source youtube video proxy script [Written in PHP]
regexp-security-cheatsheet -
typecho2Hexo - typecho批量转Hexo
easy-sms - 📲 一款满足你的多种发送需求的短信发送组件
card-system - 个人在线发卡系统，高效安全的发卡平台
avenger-sh - Project for finding vunerabilities in mass.
VueThink - VueThink是一套基于Vue全家桶（Vue2.x + Vue-router2.x + Vuex）+ ThinkPHP5的前后端分离框架。
imgurl - ImgURL是一个简单、纯粹的图床程序，让个人图床多一个选择。
DDoS-PHP-Script - Script to perform a DoS or DDoS UDP Flood by PHP
CVE-2017-5124 - Chrome < 62 uxss exploit (CVE-2017-5124)
awvs_script_decode - 解密好的AWVS10.5 data/script/目录下的脚本
pentest_tools - 收集一些小型实用的工具
webdir - 网站目录
yunBT - Aria2 FFmpeg 的多用户下载视频转码
online.net -
docker-rtorrent - rTorrent 0.9.4 加 libTorrent 0.13.4 和 ruTottent，打了加 peer 的补丁
Gazelle -
flarum - Simple forum software for building great communities.
WEB-INF-dict - List of configuration files from WEB-INF and META-INF for use in Unvalidated Forwards and JSP Include vulnerabilities.
gitblog - markdown blog base on CodeIgniter, writing blog with markdown！基于CI的markdown博客
php-malware-finder - Detect potentially malicious PHP files
SQLMAP-Web-GUI - PHP Frontend to work with the SQLMAP JSON API Server (sqlmapapi.py) to allow for a Web GUI to drive near full functionality of SQLMAP!
awesome-appsec - A curated list of resources for learning about application security
TALD - 使用Aria2作为后端通过视频来采集视频作为自己的视频网站:ThinkPHP Aria2 Libav Dplayer
windows-php-reverse-shell - Simple php reverse shell implemented using binary .
Vulnerable-OTP-Application - Vulnerable OTP/2FA Application written in PHP using Google Authenticator
DAws - Advanced Web Shell
wooyun_public - 乌云公开漏洞、知识库爬虫和搜索 crawl and search for wooyun.org public bug(vulnerability) and drops
GuruWebScanner - An On-The-Cloud free "greybox" box scanner for various purposes.
RED_HAWK - All in one tool for Information Gathering, Vulnerability Scanning and Crawling. A must have tool for all penetration testers
WebShell - Webshell && Backdoor Collection
CMS-Hunter - CMS漏洞测试用例集合
OpenVPN-Admin - Install and administrate OpenVPN with a web interface (logs visualisations, users managing...)
xiao-webshell - a collection of webshell
tiebarobot - 贴吧自动删帖机器人
pingpp-php -
XssHtml - php富文本过滤类，XSS Filter
empire-web - PowerShell Empire Web Interface
safecurl - SSRF Protection Library for PHP - http://safecurl.fin1te.net
kafka-php - kafka php client
phpvulhunter - A tool that can scan php vulnerabilities automatically using static analysis methods
copywriting-correct - 中英文文案排版纠正器
phpspider - 《我用爬虫一天时间“偷了”知乎一百万用户，只为证明PHP是世界上最好的语言》所使用的程序
simhashphp - SimHash similarities algorithm implementation for PHP
xwebshell - 免杀webshell
shadowsocks-manage-system - 科学上网管理系统
fuzzXssPHP - PHP版本的反射型xss扫描，支持GET，POST
LDAP-credentials-collector-backdoor-generator - This script generate backdoor code which log username password of an user who have passed HTTP basic auth using LDAP credentials.
ip-location-zh - 获取 IP 地址的真实地理位置
twitter - Twitter API for Laravel 4/5
Front-end-tutorial - 🐼最全的资源教程-前端涉及的所有知识体系
DVWA-WooYun - It is a DVWA with some plugins based on real wooyun bug reports
WebRtcXSS - 利用XSS入侵内网(Use XSS automation Invade intranet)
dom-based-xss-detector - Detector of DOM based XSS

PLpgSQL

103976 - 103976个英语单词库（sql版，csv版，Excel版）包含英文单词，中文翻译，单词的词性及多种词义,执行SQL语句就可以生成表，支持SQL Server，MySQL等多种数据库

Pascal

sandcat - An open-source, pentest and developer-oriented web browser, using the power of Lua

Perl

mod0BurpUploadScanner - HTTP file upload scanner for Burp Proxy
vpn-arsenal - VPN pentest tools and scripts
SpiderProject - SpiderSploit Project
M0B-tool - exploit
SecToolSet - The security tool(project) Set from github。github安全项目工具集合
XAttacker - X Attacker Tool ☣ Website Vulnerability Scanner & Auto Exploiter
Mojo-Webqq - 【重要通知：WebQQ将在2019年1月1日停止服务，此项目目前已停止维护，感谢大家四年来的一路陪伴】使用Perl语言（不会没关系）编写的smartqq/webqq客户端框架（非GUI），可通过插件提供基于HTTP协议的api接口供其他语言或系统调用
linux-exploit-suggester-2 - Next-Generation Linux Kernel Exploit Suggester
ABTestingGateway -
DNS_Hunter - DNS enumeration tool
rsnapshot - a tool for backing up your data using rsync (if you want to get help, use https://lists.sourceforge.net/lists/listinfo/rsnapshot-discuss)
psad - psad: Intrusion Detection and Log Analysis with iptables
StrutScan - Struts2 Vuls Scanner base perl script
lua-resty-waf - High-performance WAF built on the OpenResty stack
nikto - Nikto web server scanner
ATSCAN - Advanced Search & Mass Exploit Scanner

PostScript

szuthesis - 📝 SZU Undergraduate Thesis -- Recommender System

PowerShell

WindowsEnum - A Powershell Privilege Escalation Enumeration Script.
dorado - 🐟 A bucket of Scoop, for h404bi
Decryption-tool -
BlueCommand - Dashboarding and Tooling front-end for PowerShell Empire using PowerShell Universal Dashboard
PS-CreateADLabs - Create a windows Active Directory lab
AutomatedLab - AutomatedLab is a provisioning solution and framework that lets you deploy complex labs on HyperV and Azure with simple PowerShell scripts. It supports all Windows operating systems from 2008 R2 to 2016 including Nano Server and various products like AD, Exchange, PKI, IIS, etc.
active-directory-lab-hybrid-adfs - Create a full AD/CA/ADFS/WAP lab environment with Azure AD Connect installed
atomic-red-team - Small and highly portable detection tests based on MITRE's ATT&CK.
WinPwn - Automation for internal Windows Penetrationtest / AD-Security
commando-vm - Complete Mandiant Offensive VM (Commando VM), the first full Windows-based penetration testing virtual machine distribution.
pOSINT - Gather Open-Source Intelligence using PowerShell.
Penetration-Testing-Tools - Great collection of my Penetration Testing scripts, tools, cheatsheets collected over years, used during real-world assignments or collected from various good quality sources.
CobaltStrike-Toolset - Aggressor Script, Kits, Malleable C2 Profiles, External C2 and so on
CloudXNS-DDNS-with-PowerShell - The CloudXNS DDNS with PowerShell
Inveigh - Windows PowerShell ADIDNS/LLMNR/mDNS/NBNS spoofer/man-in-the-middle tool
PowerShellUtilities - PowerShellUtilities provides various utility commandlets.
PowerAvails - PowerAvails Powershell .NET Operating system
Invoke-WMILM -
PowerUpSQL - PowerUpSQL: A PowerShell Toolkit for Attacking SQL Server
scoop - A command-line installer for Windows.
DAMP - The Discretionary ACL Modification Project: Persistence Through Host-based Security Descriptor Modification
PowerShellThingies - My PowerShell thingies.
adaudit - Powershell script to do domain auditing automation
UltimateAppLockerByPassList - The goal of this repository is to document the most common techniques to bypass AppLocker.
BadUSB-code - 收集badusb的一些利用方式及代码
Invoke-ADLabDeployer - Automated deployment of Windows and Active Directory test lab networks. Useful for red and blue teams.
Invoke-UserSimulator - Simulates common user behaviour on local and remote Windows hosts.
Exchange-AD-Privesc - Exchange privilege escalations to Active Directory
powerShell-Docs.zh-cn -
Invoke-DCOMPowerPointPivot - Executes lateral movement through PowerPoint DCOM objects
CrypoCurrencyPowerShell -
PSFPT - Scripts for powershell for pentesters exam
JAWS - JAWS - Just Another Windows (Enum) Script
PSSysmonTools - Sysmon Tools for PowerShell
PowerShellScripts - lollollol
Invoke-EnumSecurityTools -
Fast-Git-Clone - Clone Git repository faster. Eliminates the repetitive typing of git clone and copy-pasting the url
Nmap-Scan.PS1 - PowerShell wrapper for nmap, allows easy scanning of many hosts and subnets
mimiDbg - PowerShell oneliner to retrieve wdigest passwords from the memory
Powershell-Attack-Guide - Powershell攻击指南----黑客后渗透之道
PowerShellScripts - Collection of PowerShell scripts
Windows-User-Clone - Create a hidden account
Invoke-SocksProxy - Socks proxy server using powershell.
BloodHound - Six Degrees of Domain Admin
EmpireDog - A collection of PowerShell Modules for BloodHound/Empire Orchestration
RemoteRecon - Remote Recon and Collection
Exploits - Windows Exploits
WINspect - Powershell-based Windows Security Auditing Toolbox
windows-pentest - Windows Pentest Scripts
ms17-010-Scanner -
Misc-Powershell-Scripts - Random Tools
GmailPersist - Gmail Knocker
Get-ReconInfo - A powershell script that prints a lot of IP and connection info to the screen
windows-privilege-escalation - Metasploit modules, powershell scripts and custom exploit to perform local privilege escalation on windows systems.
GPRegistryPolicy -
Wireless_Query - Query Active Directory for Workstations and then pull their Wireless Network Passwords
PowerSploit - PowerSploit - A PowerShell Post-Exploitation Framework
portia - Portia aims to automate a number of techniques commonly performed on internal network penetration tests after a low privileged account has been compromised. Portia performs privilege escalation as well as lateral movement automatically in the network
PowerTools - PowerTools is a collection of PowerShell projects with a focus on offensive operations.
Sales_OSINT - OSINT for Sales Research
SlackShell - PowerShell to Slack C2
Code-Execution-and-Process-Injection - Powershell to CodeExecution and ProcessInjection
windows-update-selective-kb- - Update Windows Security patch update using PowerShell and Ansible
Posh-SecMod - PowerShell Module with Security cmdlets for security work
PowerShell - Useful PowerShell scripts
IR-Tools - IR-Tools - PowerShell tools for IR
MailSniper - MailSniper is a penetration testing tool for searching through email in a Microsoft Exchange environment for specific terms (passwords, insider intel, network architecture information, etc.). It can be used as a non-administrative user to search their own email, or by an administrator to search the mailboxes of every user in a domain.
Invoke-Phant0m - Windows Event Log Killer
PivotAll - Comprehensive Pivoting Framework
Invoke-CradleCrafter - PowerShell Remote Download Cradle Generator & Obfuscator
WMImplant - This is a PowerShell based tool that is designed to act like a RAT. Its interface is that of a shell where any command that is supported is translated into a WMI-equivalent for use on a network/remote machine. WMImplant is WMI based.
Empire - Empire is a PowerShell and Python post-exploitation agent.
Dump-Clear-Password-after-KB2871997-installed -
HackSysTeam-PSKernelPwn -
scripts -
PSKernel-Primitives - Exploit primitives for PowerShell
Sherlock - PowerShell script to quickly find missing software patches for local privilege escalation vulnerabilities.

Python

regipy - Regipy is an os independent python library for parsing offline registry hives
kerberoast -
machine_learning_security - Source code about machine learning and security.
Java_xmlhack - 帮助java环境下任意文件下载情况自动化读取源码的小工具
Y-SubDomain - 🐗 造轮子之子域名获取工具
JSFinder - JSFinder is a tool for quickly extracting URLs and subdomains from JS files on a website.
Langzi_SRC_Safe_Cruise - LANGZI_SRC_安全巡航是一款集成漏扫，验证，资产监控，自动复现并且生成结果表报的工具，实现初衷是为了帮助白帽子在SRC中节约时间成本的自动化工具。
w13scan - 被动扫描器 Passive Security Scanner
get_domain -
Vxscan - python3写的综合扫描工具，主要用来敏感文件探测(目录扫描与js泄露接口)，WAF/CDN识别，端口扫描，指纹/服务识别，操作系统识别，弱口令探测，POC扫描，SQL注入，绕过CDN，查询旁站等功能，主要用来甲方自测或乙方授权测试，请勿用来搞破坏。
awd_attack_framework - awd攻防常用脚本+不死马+crontab+防御方法
CTF_AWD_Platform - CTF 攻防对抗平台
Konan - Konan - Advanced Web Application Dir Scanner
evernote_remove_duplicates - 印象笔记去重
sublert - Sublert is a security and reconnaissance tool which leverages certificate transparency to automatically monitor new subdomains deployed by specific organizations and issued TLS/SSL certificate.
CVE-2019-2725 - CVE-2019-2725 命令回显
Kali-Setup - Script for Kali that adds a bunch of tools and customizes it to be much better
Exchange2domain - CVE-2018-8581
CVE-2019-1040 - CVE-2019-1040 with Exchange
F-NAScan-PLUS - F-NAScan-PLUS 安服资产搜集
masnmapscan-V1.0 - 一款端口扫描器。整合了masscan和nmap两款扫描器，masscan扫描端口，nmap扫描端口对应服务，二者结合起来实现了又快又好地扫描。并且加入了防火墙的功能
wfuzz - Web application fuzzer
Pcap-Analyzer - Python编写的可视化的离线数据包分析器
burpFakeIP - 一个用于伪造ip地址进行爆破的Burp Suite插件
PcapXray - ❄️ PcapXray - A Network Forensics Tool - To visualize a Packet Capture offline as a Network Diagram including device identification, highlight important communication and file extraction
DNSLog - DNSLog 是一款监控 DNS 解析记录和 HTTP 访问记录的工具。
algo - 数据结构和算法必知必会的50个代码实现
Graffiti - A tool to generate obfuscated one liners to aid in penetration testing
Struts2-Scan - Struts2全漏洞扫描利用工具
Reverse-Shell-Manager - 🔨 A multiple reverse shell session/client manager via terminal
WeblogicScanLot - WeblogicScanLot系列，Weblogic漏洞批量检测工具，V2.1
CrackNetDrive3 -
uds - Unlimited Drive Storage by splitting binary files into base64
geye - 🚀Faster Github Monitor🚀
Archery - SQL审核查询平台
w9scan - Plug-in type web vulnerability scanner
webshell-venom - 免杀webshell无限生成工具
fuzzDicts - Web Pentesting Fuzz 字典,一个就够了。
machinae - Machinae Security Intelligence Collector
jwt_tool - 🐍 A toolkit for testing, tweaking and cracking JSON Web Tokens
BurpCollect - 基于BurpCollector的二次开发，记录Burpsuite Site Map记录的里的数据包中的目录路径参数名信息，并存入Sqlite，并可导出txt文件。
Webfinger - web指纹识别
TideFinger - TideFinger——指纹识别小工具，汲取整合了多个web指纹库，结合了多种指纹检测方法，让指纹检测更快捷、准确。
OSweep - Don't Just Search OSINT. Sweep It.
FinalRecon - OSINT Tool for All-In-One Web Reconnaissance
pbscan - 基于burpsuite headless 的代理式被动扫描系统
web-log-parser - web日志分析工具
osprey -
RedisDirScan - 此脚本用于测试 Rdies 未授权访问，在没权限写ssh私钥和定时任务又不知道web绝对路径的情况下，进行WEB目录探测
ODIN - Automated network asset, email, and social media profile discovery and cataloguing.
HostHunter - HostHunter a recon tool for discovering hostnames using OSINT techniques.
WTF_Scan - 一款WEB端的在线敏感资产扫描器，扫描网站中的指纹、漏洞及相关敏感信息，针对已经识别的CMS指纹，进行二次0day扫描利用，一键GetShell也不是不可能！！！
python-masscan - python-masscan is a python library which helps in using masscan port scanner.
PyJFuzz - PyJFuzz - Python JSON Fuzzer
vtest - 用于辅助安全工程师漏洞挖掘、测试、复现，集合了mock、httplog、dns tools、xss，可用于测试各类无回显、无法直观判断或特定场景下的漏洞。
dirmap - An advanced web directory & file scanning tool that will be more powerful than DirBuster, Dirsearch, cansina, and Yu Jian.一个高级web目录、文件扫描工具，功能将会强于DirBuster、Dirsearch、cansina、御剑。
sniff-paste - Pastebin OSINT Harvester
WSPIH - Website Sensitive Personal Information Hunter 网站个人敏感信息文件扫描器
bookmarks2markdown - Convert bookmarks to Markdown
pyinstaller - Freeze (package) Python programs into stand-alone executables
Web-Scan - jboss，tomcat，weblogic，未授权访问扫描工具
awd-platform - platform for awd
FileCheck - 本脚本是HIDS组成的一部分，旨在对指定监控目录进行文件hash记录，定时运行，发现文件替换、修改等后门可疑程序。
StarsAndClown - ☀️Github星聚弃疗榜, 让吃瓜群众也能享受Github带来的乐趣~~Github StarsAndClown, Let the people who eat me can enjoy the fun of Github~~
GScan - 本程序旨在为安全应急响应人员对Linux主机排查时提供便利，实现主机侧Checklist的自动全面化检测，根据检测结果自动数据聚合，进行黑客攻击路径溯源。
pocscan -
midscan - 中间件扫描工具，网段测试资产收集
N-MiddlewareScan - N-MiddlewareScan 魔改，自写的一款中间件漏洞扫描脚本
dollhouse -
SqlChecker - 注入检测工具
ChromeAppHeroes - 🌈谷粒-Chrome插件英雄榜, 为优秀的Chrome插件写一本中文说明书, 让Chrome插件英雄们造福人类~ ChromePluginHeroes, Write a Chinese manual for the excellent Chrome plugin, let the Chrome plugin heroes benefit the human~
web_pwd_common_crack - 通用web弱口令破解脚本，旨在批量检测那些没有验证码的管理后台，可用于刷分~
Learn-Web-Hacking - Study Notes For Web Hacking / Web安全学习笔记
ALB - 攻击日志分析工具
Ipscan -
Python_FuckMySQL - Using To MySQL Elevate Privileges.
Pictures-Trojans -
h2t - h2t (HTTP Hardening Tool) scans a website and suggests security headers to apply
legion - Legion is an open source, easy-to-use, super-extensible and semi-automated network penetration testing tool that aids in discovery, reconnaissance and exploitation of information systems.
isf - ISF(Industrial Control System Exploitation Framework)，a exploitation framework based on Python
csbruter - Cobalt Strike team server password brute force tool
mysql_log_check - MySQL Log Analysis
external_c2_framework - Python api for usage with cobalt strike's External C2 specification
Shepherd - A Django application to help red team operators manage a library of domain names
DomainCheck - DomainCheck is designed to assist operators with monitoring changes related to their domain names. This includes negative changes in categorization, VirusTotal detections, and appearances on malware blacklists. DomainCheck currently works only with NameCheap.
Tool-X - Tool-X is a kali linux hacking Tool installer. Tool-X developed for termux and other android terminals. using Tool-X you can install almost 263 hacking tools in termux app and other linux based distributions.
fuzzdb-collect - 网络上安全资源的搜集
yujian_keygen - 御剑算号破解激活工具
inventedAttack - A POC attack combining IP SPoofing, SYN Flood and IP Fragmentation
RW_Password - 此项目用来提取收集以往泄露的密码中符合条件的强弱密码
paper-tips-and-tricks - Best practice and tips & tricks to write scientific papers in LaTeX, with figures generated in Python or Matlab.
FDsploit - File Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.
vulncode-db - Vulncode-DB project
GithubMonitor - 根据关键字与 hosts 生成的关键词，利用 github 提供的 api，监控 git 泄漏。
DarkNet_ChineseTrading - 🚇暗网中文网监控爬虫
Jenkins - Jenkins漏洞探测、用户抓取爆破
tp5-getshell - thinkphp5 rce getshell
Python-crawler-tutorial-starts-from-zero - python爬虫教程，带你从零到一，包含js逆向，selenium, tesseract OCR识别,mongodb的使用，以及scrapy框架
instantbox - Get a clean, ready-to-go Linux box in seconds.
FileMonitor - 文件变化实时监控工具(代码审计/黑盒/白盒审计辅助工具)
xxe-lab - 一个包含php,java,python,C#等各种语言版本的XXE漏洞Demo
r3con1z3r - R3con1z3r is a lightweight Web information gathering tool with an intuitive features written in python. it provides a powerful environment in which open source intelligence (OSINT) web-based footprinting can be conducted quickly and thoroughly.
cartography - Cartography is a Python tool that consolidates infrastructure assets and the relationships between them in an intuitive graph view powered by a Neo4j database.
WebShellCheck - Webshell Detection Based on Deep Learning
DeTTECT - Detect Tactics, Techniques & Combat Threats
leaks_parser - Parser for data dumps Collection #1 / Collection #2-5
MyBlog - 记录和分享学习的旅程！
POC-T - 基于poc-t 并在此基础上增加批量功能！
artillery - The Artillery Project is an open-source blue team tool designed to protect Linux and Windows operating systems through multiple methods.
SPFAbuse - SPF are not as strong as you may think. Red Team tool to send email on behalf of your target corp
dirty_sock - Linux privilege escalation exploit via snapd (CVE-2019-7304)
findWebshell - findWebshell是一款基于python开发的webshell检测工具。
CVE-2018-2628 - CVE-2018-2628 & CVE-2018-2893
AD_WebScanner - AD工作室精心研发漏洞安全扫描器
weblogic_unserialize_exploit - java unserialize vul for weblogic exploit
CVE-2018-3191 - CVE-2018-3191
mcreator - Encoded Reverse Shell Generator With Techniques To Bypass AV's
struts2-057-exp - s2-057 最新漏洞分析和EXP脚本
CVE-2018-7600 - CVE-2018-7600 - Drupal 7.x RCE
K8CScan - 大型内网渗透自定义插件化扫描器（附C#/VC/Delphi/Python插件Demo源码) 程序采用多线程批量扫描大型内网多个IP段C段主机，目前插件包含: C段旁注扫描、子域名扫描、Ftp密码爆破、Mysql密码爆、系统密码爆破、存活主机扫描、端口扫描、Web信息探测、操作系统版本探测、Cisco思科设备扫描等,支持调用任意外部程序或脚本
CVE-2018-2894 - CVE-2018-2894 WebLogic Unrestricted File Upload Lead To RCE Check Script
BitcoinPriceReader - Bitcoin Price Reader
24h-raspberry-live-on-bilibili - 树莓派/VPS驱动的b站直播弹幕点播台，代码写得很烂，看之前请吃点降压药
Photon - Incredibly fast crawler designed for OSINT.
Mr.SIP - SIP-Based Audit and Attack Tool
WCnife - Web版**菜刀
CTFCrackTools-V2 - China's first CTFTools framework.**国内首个CTF工具框架,旨在帮助CTFer快速攻克难关
Scanner - 端口扫描 + 敏感文件扫描 + POC批量调用框架
vulscan - vulscan 扫描系统：最新的poc&exp漏洞扫描，redis未授权、敏感文件、java反序列化、tomcat命令执行及各种未授权扫描等...
pastebin_scraper -
My-Shodan-Scripts - Collection of Scripts for shodan searching stuff.
shodansploit - 🔎 shodansploit > v1.2.0
CORScanner - Fast CORS misconfiguration vulnerabilities scanner🍻
cs2modrewrite - Convert Cobalt Strike profiles to modrewrite scripts
vulnerability-list - 在渗透测试中快速检测常见中间件、组件的高危漏洞。
autoRecon - This tool is for automate the initial things that we usually do in daily pentesting. So you can focus more on the main target.
Sitadel - Web Application Security Scanner
CyberScan - CyberScan: Network's Forensics ToolKit
a2sv - Auto Scanning to SSL Vulnerability
pentest_scripts - penetration testing scripts
pwcracker - 一款插件化的密码爆破框架
EverydayWechat - 微信助手：1.每日定时给好友发送定制消息。2.自动回复好友。3.群助手功能。
femida - Automated blind-xss search for Burp Suite
MySQLMonitor - MySQL实时监控工具(代码审计/黑盒/白盒审计辅助工具)
ChunkedHTTPAdapter - 参考《利用分块传输吊打所有WAF》修改的requests的Adapter
OSCP-prep - my oscp prep collection
POC-EXP - 收集或编写各种漏洞PoC、ExP
saucerframe - python3批量poc检测工具
metasploitHelper - metasploitHelper
tools - Python渗透漏洞工具
burp-extensions - A collection of scripts to extend Burp Suite
BurpCollector - 通过BurpSuite来构建自己的爆破字典，可以通过字典爆破来发现隐藏资产。
NfSpy - ID-spoofing NFS client
protobuf-inspector - 🕵️ Tool to reverse-engineer Protocol Buffers with unknown definition
pocsuite3 - pocsuite3 is an open-sourced remote vulnerability testing framework developed by the Knownsec 404 Team.
w12scan-client - 网络资产搜索发现引擎，w12scan 扫描端程序
WeblogicScan - Weblogic一键漏洞检测工具，V1.3
SSRFmap - Automatic SSRF fuzzer and exploitation tool
weblogic-scan - weblogic 漏洞扫描工具
domain_pass_generate - 通过域名生成爆破字典
upload-fuzz-dic-builder - 上传漏洞fuzz字典生成脚本
Pompem - Find exploit tool
SecurityManageFramwork - SecurityManageFramwork是一款适用于企业内网安全管理平台，包含资产管理，漏洞管理，账号管理，知识库管、安全扫描自动化功能模块，可用于企业内部的安全管理。本平台旨在帮助安全人员少，业务线繁杂，周期巡检困难，自动化程度低的甲方，更好的实现企业内部的安全管理。
poopak - POOPAK - TOR Hidden Service Crawler
payjs_faka - 这个是基于payjs的发卡平台。
sharesearch - Samba, NFS shares spider and grepper
OneList - A simple directory index for OneDrive
Security-Research - Exploits written by the Rhino Security Labs team
WebPocket - Exploit management framework
wesng - Windows Exploit Suggester - Next Generation
rapidscan - ♦️ The Multi-Tool Web Vulnerability Scanner.
ShellPop - Pop shells like a master.
Nmap-Scan-to-CSV - Converts Nmap XML output to csv file, and other useful functions
Awesome-WAF - 🔥 Everything awesome about web-application firewalls (WAF).
Evil-WinRAR-Gen - Generator of malicious Ace files for WinRAR < 5.70 beta 1
ddos-dos-tools - some sort of ddos-tools
stretcher - Tool designed to help identify open Elasticsearch servers that are exposing sensitive information
TDScanner - 自动化检测小工具，主要实现了域名枚举、链接爬取、注入检测、主机扫描、目录枚举、敏感信息检测等功能~
sgk_data_handler - 社工库半自动处理
PicLocation - 快速获取图片的GPS和其拍摄地理位置
CANalyzat0r - Security analysis toolkit for proprietary car protocols
aztarna - aztarna, a footprinting tool for robots.
house-renting - Possibly the best practice of Scrapy and renting a house
mijisou - Privacy-respecting metasearch engine
Osmedeus - Fully automated offensive security tool for reconnaissance and vulnerability scanning
PrivExchange - Exchange your privileges for Domain Admin privs by abusing Exchange
py12306 - 🚂 12306 购票助手，支持分布式，多账号，多任务购票以及 Web 页面管理
Perun - Perun是一款主要适用于乙方安服、渗透测试人员和甲方RedTeam红队人员的网络资产漏洞扫描器/扫描框架
nmaptocsv - A simple python script to convert Nmap output to CSV
xcut - Enhanced cut command
xlparser - Parse file(xlsx/xls/csv) to other format(dict, csv, json, ...).
VulCloud - A Simple Web-UI for Vulhub (Docker) / 便捷的漏洞镜像管理部署Web应用
termtosvg - Record terminal sessions as SVG animations
Geetest3-Crack - 🤖 Geetest3 Distributed Cracking Platform 极验3代分布式破解平台
xupload - A tool for automatically testing whether the upload function can upload webshell
funNLP - 中英文敏感词、语言检测、中外手机/电话归属地/运营商查询、名字推断性别、手机号抽取、身份证抽取、邮箱抽取、中日文人名库、中文缩写库、拆字词典、词汇情感值、停用词、反动词表、暴恐词表、繁简体转换、英文模拟中文发音、汪峰歌词生成器、职业名称词库、同义词库、反义词库、否定词库、汽车品牌词库、汽车零件词库、连续英文切割、各种中文词向量、公司名字大全、古诗词库、IT词库、财经词库、成语词库、地名词库、历史名人词库、诗词词库、医学词库、饮食词库、法律词库、汽车词库、动物词库、中文聊天语料、中文谣言数据、百度中文问答数据集、句子相似度匹配算法集合、bert资源、文本生成&摘要相关工具、cocoNLP信息抽取工具、国内电话号码正则匹配、清华大学XLORE:中英文跨语言百科知识图谱、清华大学人工智能技术系列报告、自然语言生成、NLU太难了系列、自动对联数据及机器人、用户名黑名单列表、罪名法务名词及分类模型、微信公众号语料、cs224n深度学习自然语言处理课程、中文手写汉字识别、中文自然语言处理语料/数据集、变量命名神器、分词语料库+代码、任务型对话英文数据集、ASR 语音数据集 + 基于深度学习的中文语音识别系统、笑声检测器、Microsoft多语言数字/单位/如日期时间识别包、中华新华字典数据库及api(包括常用歇后语、成语、词语和汉字)、文档图谱自动生成、SpaCy 中文模型、Common Voice语音识别数据集新版、神经网络关系抽取、基于bert的命名实体识别、关键词(Keyphrase)抽取包pke、基于医疗领域知识图谱的问答系统、基于依存句法与语义角色标注的事件三元组抽取、依存句法分析4万句高质量标注数据、cnocr：用来做中文OCR的Python3包、中文人物关系知识图谱项目、中文nlp竞赛项目及代码汇总、中文字符数据、speech-aligner: 从“人声语音”及其“语言文本”产生音素级别时间对齐标注的工具、AmpliGraph: 知识图谱表示学习(Python)库：知识图谱概念链接预测、Scattertext 文本可视化(python)、语言/知识表示工具：BERT & ERNIE、中文对比英文自然语言处理NLP的区别综述、Synonyms中文近义词工具包、HarvestText领域自适应文本挖掘工具（新词发现-情感分析-实体链接等）、word2word：(Python)方便易用的多语言词-词对集：62种语言/3,564个多语言对、语音识别语料生成工具：从具有音频/字幕的在线视频创建自动语音识别(ASR)语料库、构建医疗实体识别的模型（包含词典和语料标注）、单文档非监督的关键词抽取、Kashgari中使用gpt-2语言模型、开源的金融投资数据提取工具、文本自动摘要库TextTeaser: 仅支持英文、人民日报语料处理工具集、一些关于自然语言的基本模型、基于14W歌曲知识库的问答尝试--功能包括歌词接龙and已知歌词找歌曲以及歌曲歌手歌词三角关系的问答、基于Siamese bilstm模型的相似句子判定模型并提供训练数据集和测试数据集、用Transformer编解码模型实现的根据Hacker News文章标题自动生成评论、用BERT进行序列标记和文本分类的模板代码、LitBank：NLP数据集——支持自然语言处理和计算人文学科任务的100部带标记英文小说语料、百度开源的基准信息抽取系统、虚假新闻数据集、Facebook: LAMA语言模型分析，提供Transformer-XL/BERT/ELMo/GPT预训练语言模型的统一访问接口、CommonsenseQA：面向常识的英文QA挑战、中文知识图谱资料、数据及工具、各大公司内部里大牛分享的技术文档 PDF 或者 PPT、自然语言生成SQL语句（英文）、中文NLP数据增强（EDA）工具、英文NLP数据增强工具、基于医药知识图谱的智能问答系统、京东商品知识图谱、基于mongodb存储的军事领域知识图谱问答项目、基于远监督的中文关系抽取、语音情感分析、中文ULMFiT-情感分析-文本分类-语料及模型、一个拍照做题程序、世界各国大规模人名库、一个利用有趣中文语料库 qingyun 训练出来的中文聊天机器人、中文聊天机器人seqGAN、省市区镇行政区划数据带拼音标注、教育行业新闻语料库包含自动文摘功能、开放了对话机器人-知识图谱-语义理解-自然语言处理工具及数据、中文知识图谱：基于百度百科中文页面-抽取三元组信息-构建中文知识图谱、masr: 中文语音识别-提供预训练模型-高识别率、Python音频数据增广库、中文全词覆盖BERT及两份阅读理解数据、ConvLab：开源多域端到端对话系统平台、中文自然语言处理数据集、基于最新版本rasa搭建的对话系统、基于TensorFlow和BERT的管道式实体及关系抽取。
WorkScripts - 信息安全工程师工作常用脚本
awesome-scoop - A collection of awesome resources for the scoop package manager for windows
mpDNS - Multi-Purpose DNS Server
h1domains - HackerOne "in scope" domains
tool - 渗透测试实用工具
FastWhatWebSearch - FastWhatWebSearch是一个能够支持搜索whatweb工具结果的一个微型平台。
stockbook - 豆瓣经典证券书籍收录并排名
CS_xor64 - cobaltstrike xor64.bin补完计划
NetEaseCloudMusic-nonmembership-list-download - 网易云音乐歌曲批量下载,免VIP【支持歌单,排名榜】
domained - Multi Tool Subdomain Enumeration
FuckFakeGitHubStars - GitHub 虚假 Star 净网行动
DNS_Transfer_Check - 一个用来批量检测网站是否存在域传送漏洞的Python脚本
Algorithm_Interview_Notes-Chinese - 2018/2019/校招/春招/秋招/算法/机器学习(Machine Learning)/深度学习(Deep Learning)/自然语言处理(NLP)/C/C++/Python/面试笔记
awesome-algorithm - 项目暂时冻结，本周会给大家一个答复
multi-v2ray - v2ray easy delpoy & manage tool， support multiple user & protocol manage
VulScan - 漏洞扫描：st2、tomcat、未授权访问等等
geektime_dl - 把极客时间装进Kindle
mail-security-tester - A testing framework for mail security and filtering solutions.
TTLScan - 一款简易的插件化的漏洞扫描器框架
F-Scrack -
airbug - Airbug(空气洞)，收集漏洞poc用于安全产品
TensorFlow-cn - 简单粗暴TensorFlow | A Concise Handbook of TensorFlow
SubDomainTakeoverTools -
WinHeap-Explorer - WinHeap Explorer repository.
Sec-Cheatsheets - Cheatsheets on security vulnerabilities and exploits.
btpanel-ss - 基于宝塔Linux面板的shadowsocks可视化管理插件,本人博客,欢迎大家指导
opencanary_web - The web management platform of honeypot
baize - 白泽自动化运维系统：配置管理、网络探测、资产管理、业务管理、CMDB、CD、DevOps、作业编排、任务编排等功能,未来将添加监控、报警、日志分析、大数据分析等部分内容
Web-App-Hacking-Notes - Notes I've taken while working through various web app pentesting labs.
hack-requests - The hack-requests is an http network library for hackers
SvnHack - 一个Svn信息泄露辅助工具，可以使用这个脚本列取网站目录，读取源码文件以及下载整站代码。
pureblood - A Penetration Testing Framework created for Hackers / Pentester / Bug Hunter
mybugscan - fofa_api+bugscan插件扫描
CMSeeK - CMS Detection and Exploitation suite - Scan WordPress, Joomla, Drupal and over 170 other CMSs
etherum_rpc_steal - The Etherum RPC Steal Toolset and honeypot .以太坊"偷渡"漏洞利用和蜜罐工具集.
EventMonitor - Event monitor based on online news corpus including event storyline and analysis，基于给定事件关键词，采集事件资讯，对事件进行挖掘和分析。
hacktronian - All in One Hacking Tool for Linux & Android
JPentest - Jumbo Python Penetration testing framework
superl-url - 通知：Star到350，增加Bing(必应)或者谷歌！！！根据关键词，对搜索引擎内容检索结果的网址内容进行采集的一款轻量级软程序。程序主要运用于安全渗透测试项目，以及批量评估各类CMS系统0DAY的影响程度，同时也是批量采集自己获取感兴趣的网站的一个小程序~~ 可自动从搜索引擎采集相关网站的真实地址与标题等信息，可保存为文件，自动去除重复URL。同时，也可以自定义忽略多条域名等。
PyOne - PyOne-一款给力的onedrive文件管理、分享程序
sshuttle - Transparent proxy server that works as a poor man's VPN. Forwards over ssh. Doesn't require admin. Works with Linux and MacOS. Supports DNS tunneling.
DB_BaseLine - 数据库基线检查工具
zhuye_kim - Django框架开发的仿zhuye.kim的简单个人主页/导航程序，带后台
auditCode - 通过POST git 地址，利用fortify 命令行进行代码审计，并且解析fpr把审计结果入库并转换为Pdf供下载查看
httpscan - 一个爬虫式的网段Web主机发现小工具 # A HTTP Service detector with a crawler from IP/CIDR
Fuxi-Scanner - Network Security Vulnerability Scanner
GitHack - .git 泄漏利用工具，可还原历史版本
penetration - 渗透超全面的渗透资料💯 包含：0day，xss，sql注入，提权……
Windows-Exploit-Suggester - This tool compares a targets patch levels against the Microsoft vulnerability database in order to detect potential missing patches on the target. It also notifies the user if there are public exploits and Metasploit modules available for the missing bulletins.
nlp - 兜哥出品 <一本开源的NLP入门书籍>
takeover - Sub-Domain TakeOver Vulnerability Scanner
teemo - A Domain Name & Email Address Collection Tool
tensorflow-1.4-billion-password-analysis - Deep Learning model to analyze a large corpus of clear text passwords.
waidps - Wireless Auditing, Intrusion Detection & Prevention System
Code-Confuse-Plugin - iOS代码混淆插件；A plugin to confuse codes in iOS Platform.
iGuardForPython -
OpsManage - 自动化运维平台: 代码及应用部署CI/CD、资产管理CMDB、计划任务管理平台、SQL审核|回滚、任务调度、站内WIKI
attackintel - A python script to query the MITRE ATT&CK API for tactics, techniques, mitigations, & detection methods for specific threat groups.
prowler - Distributed Network Vulnerability Scanner
scylla - Intelligent proxy pool for Humans™ [Maintainer needed]
Galileo - Galileo - Web Application Audit Framework
struts-scan - Python2编写的struts2漏洞全版本检测和利用工具
windows_sshagent_extract - PoC code to extract private keys from Windows 10's built in ssh-agent service
w8fuckcdn - Get website IP address by scanning the entire net 通过扫描全网绕过CDN获取网站IP地址
awesome-scripts - useful scripts for Linux op
Pentest-tools - 内网渗透工具
PHP_Source_Audit_Tools - PHP 白盒分析工具,结合AST 和数据流跟踪分析代码,达到自动化白盒审计功能
SourceLeakHacker - 🐛 A multi threads web application source leak scanner
Intranet-Penetration - 内网渗透必备工具。
CVE-2018-9995_dvr_credentials - (CVE-2018-9995) Get DVR Credentials
btScan - 批量漏洞扫描框架
Bug-Project-Framework - 漏洞利用框架模块分享仓库
docker_api_vul - docker 未授权访问漏洞利用脚本
canari3 - Canari v3 - next gen Maltego framework for rapid remote and local transform development
SecurityTools - A single repository for any security tools, scripts, documentation, etc. that I add
Astra - Automated Security Testing For REST API's
rpivot - socks4 reverse proxy for penetration testing
pentest-notes -
passphrase-wordlist - Passphrase wordlist and hashcat rules for offline cracking of long, complex passwords
FindFrontableDomains - Search for potential frontable domains
office-exploits - office-exploits Office漏洞集合 https://www.sec-wiki.com
ccupp - 基于社会工程学的弱口令密码字典生成工具
WinPwnage - UAC bypass, Elevate, Persistence and Execution methods
Gitmails - An information gathering tool to collect git commit emails in version control host services
WHP - Micro$oft Windows Hacking Pack
ProxyPool - 高匿代理IP池
GetExpiredDomains - Search for available domain from expireddomains.net
CVE-2018-7600 - Exploit for Drupal 7 <= 7.57 CVE-2018-7600
jni_helper - Android SO自动化分析工具
hackbox - HackBox is the combination of awesome techniques. [1] - Xss [2] - Exploits [3] - Subdomain scanner [4] - Whois Lookup [5] - SSRF Injection [6] - Nmap Auto banner [7] - Js Url parser [8] - Web Headers [9] - Listener [10] - Current Network Stats [11] - CORS Misconfig [12] - AWS S3 Misconfig
AsyncHttpsDNS - DNS Over Https Powered By Asyncio
PRCDNS - 准确、CDN友好
bjdns - A dns server which can protect yourself against DNS poisoning in China. / 抗污染带缓存的dns服务器
awesome-hacking - Awesome hacking is an awesome collection of hacking tools.
DnsCryptProxyPiTool - DnsCrypt Proxy 2 for PiHole Raspberry Pi 3
py-kms - A KMS server written in python.
SMBrute - SMB Protocol Bruteforce
AutoLocalPrivilegeEscalation - An automated script that download potential exploit for linux kernel from exploitdb, and compile them automatically
crackedmysql -
AWVS11_Python3 - 之前做系统，要对接AWVS11，写了一个可以python3的调用文档，感兴趣的可以看看
LayerPyAwvs - Python结合Layer子域名挖掘机实现Awvs自动扫描
scripts - Simple repo just for fun and for personal usage. Use them at your own risk.
codeface - Typefaces for source code beautification
Awesome-TensorFlow-Chinese - Awesome-TensorFlow-Chinese，TensorFlow 中文资源精选，官方网站，安装教程，入门教程，视频教程，实战项目，学习路径。QQ群：167122861，公众号：磐创AI，微信群二维码：http://www.tensorflownews.com/
NagaScan - NagaScan is a distributed passive scanner for Web application.
SMBRat - A Windows Remote Administration Tool in Visual Basic with UNC paths
BugBountySubdomains - Tools to gather subdomains from Bug Bounty programs
DHT_sniffer - DHT 公网嗅探器
patchwork - Patchwork is a web-based patch tracking system designed to facilitate the contribution and management of contributions to an open-source project.
FakeDns - A regular-expression based python MITM DNS server with support for DNS Rebinding attacks
lalascan - 自主开发的分布式web漏洞扫描框架，集合webkit爬虫，Subdomain子域名发现，sqli、反射xss、Domxss等owasp top10漏洞扫描和边界资产发现能力。同时为通用CMS POC扫描提供了插件扩展平台
plus1s.live - 🐸ASCII在线视频流搭建脚本
pyrexecd - Standalone SSH server for Windows
pysheeet - Python Cheat Sheet
PT-help -
DBScanner - 自动扫描内网常见sql、no-sql数据库脚本(mysql、mssql、oracle、postgresql、redis、mongodb、memcached、elasticsearch)，包含未授权访问及常规弱口令检测
CVE-2017-10271 - WebLogic Exploit
PyQuickInstall - ⚡⚡⚡超好用的pip下载加速工具，谁用谁知道！
PyRat - PyRat，a rat by python xmlrpc
S7scan - a pentest scanner / 一个漏洞综合利用工具轮子，大佬请忽略
blogroll - 世界一流兼容并包TUNA协会收集的周围同学们的Blog
flare-fakenet-ng - FakeNet-NG - Next Generation Dynamic Network Analysis Tool
chinese-poetry - 最全中华古诗词数据库, 唐宋两朝近一万四千古诗人, 接近5.5万首唐诗加26万宋诗. 两宋时期1564位词人，21050首词。
Memcrashed-DDoS-Exploit - DDoS attack tool for sending forged UDP packets to vulnerable Memcached servers obtained using Shodan API
TIDoS-Framework - A web-penetration testing toolkit, presently suited for reconnaissance purposes.
LaZagne - Credentials recovery project
WAScan - WAScan - Web Application Scanner
twitter-scraper - Scrape the Twitter Frontend API without authentication.
ESD - Enumeration sub domains(枚举子域名)
Tunna - Tunna is a set of tools which will wrap and tunnel any TCP communication over HTTP. It can be used to bypass network restrictions in fully firewalled environments.
DoubanHistory - 豆瓣热映电影30天历史评分
msdat - MSDAT: Microsoft SQL Database Attacking Tool
src_edu - 为各位出色的渗透工程师提供攻击目标。
Pymap-Scanner -
securecrt-tools - SecureCRT scripts, written in Python, for doing various tasks when connected to Cisco equipment.
vbs-reverse-shell - VBS reverse shell scripts
feed - Some feeds output from feedly.
TPLINKKEY - 根据TPLINK系列路由器存在的漏洞批量扫描获取wifi密码
sparta - Network Infrastructure Penetration Testing Tool
mimipenguin - Mimipenguin密码抓取神器
security-tools - Collection of small security tools created mostly in Python. CTFs, pentests and so on
onlinetools - 在线cms识别|旁站|c段|信息泄露|工控|系统|物联网安全|cms漏洞扫描|nmap端口扫描|子域名获取|待续..
Sickle - Shellcode development tool
InSpy - A python based LinkedIn enumeration tool
uPing - 一个24小时监测VPS延迟的工具
CVE-2018-6389 - CVE-2018-6389 Exploit In WordPress DoS
svnExploit - SvnExploit支持SVN源代码泄露全版本Dump源码
kiwi - kiwi：安全源码审计工具
windapsearch - Python script to enumerate users, groups and computers from a Windows domain through LDAP queries
dbLeakscan - this scanner try to scan some dbbak or ctf #源码泄露
SQLiScanner - Automatic SQL injection with Charles and sqlmap api
Biu-framework - Biu-framework🚀 Security Scan Framework For Enterprise Intranet Based Services(企业内网基础服务安全扫描框架)
when-changed - Execute a command when a file is changed
CVE-2018-0802 - PoC Exploit for CVE-2018-0802 (and optionally CVE-2017-11882)
ansible-pentest-deploy - Using Ansible as an orchestrator, this project is another solution for testers looking to configure and deploy a new VM or VPS box with the tools that they need for penetration testing.
Infoga - Infoga - Email OSINT
hate_crack - A tool for automating cracking methodologies through Hashcat from the TrustedSec team.
AutoSploit - Automated Mass Exploiter
QQLocation -
ZeroScan - ZeroScan is a tool that auto gathers subdomains and scan ports
fuxploider - File upload vulnerability scanner and exploitation tool.
WiFi-Miner-Detector - Detecting malicious WiFi with mining cryptocurrency.
gasmask - Information gathering tool - OSINT
DNSLog - DNSLog 是一款监控 DNS 解析记录和 HTTP 访问记录的工具。
ver-observer - Detection version of framework \ CMS \ dev-dependence on target website.
SecRss - RSS安全订阅每日安全信息推送
ojbk_jiexi - ojbk视频解析源码，支持tumblr/2mm/91porn/微博
wiki2post - 自动从 wiki 目录生成静态博客所需所有 Markdown 文件以及自动化部署、备份流程
bug-monitor - Seebug、structs、cve漏洞实时监控推送系统🔦
Infosec_Reference - An Information Security Reference That Doesn't Suck
shadowProxy -
kinproxy - my implements transparent proxies (mitmproxy) can use to intercept and manipulate HTTP traffic modifying requests and responses. CLI
medfusion-4000-research - Medfusion 4000 security research & a MQX RCE.
Stitch - Python Remote Administration Tool (RAT)
MaltegoNessusParser - Maltego transform for visualizing Nessus scan data
EvilURL - Generate unicode evil domains for IDN Homograph Attack and detect them.
MySQL-Scripts - 收集的一些MySQL维护脚本
koadic - Koadic C3 COM Command & Control - JScript RAT
BlackWidow - A Python based web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website.
One-Lin3r - Gives you one-liners that aids in penetration testing operations, privilege escalation and more
GTScan - The Nmap Scanner for Telco
Awvs_Nessus_Scanner_API - 扫描器Awvs 11和Nessus 7 Api利用脚本
OWASP-Nettacker - Automated Penetration Testing Framework
PHP-code-audit - php code audit for cms vulnerabilities / 代码审计，对一些大型cms漏洞的复现研究，更新源码和漏洞exp
GSIL - GitHub Sensitive Information Leakage（GitHub敏感信息泄露监控）
CTF_tools - 用于CTF密码学和编码转换的小工具
better-ctf-tools - 更好的ctf密码学加解密及编解码工具
mitm6 - pwning IPv4 via IPv6
reverse-engineering-reference-manual - collage of reverse engineering topics that I find interesting
RTF_11882_0802 - PoC for CVE-2018-0802 And CVE-2017-11882
fsociety - fsociety Hacking Tools Pack – A Penetration Testing Framework
webknife - Web在线菜刀
webdirdig - web敏感目录、信息泄漏批量扫描脚本，结合爬虫、目录深度遍历。
pytrader - cryptocurrency trading robot
crypto-signal - Automated Crypto Trading & Technical Analysis (TA) Bot for Bittrex, Binance, GDAX, and more! (250+ coins)
cisco-snmp-rce - Cisco IOS SNMP RCE PoC
py-evm - A Python implementation of the Ethereum Virtual Machine
DiscoverSubdomain - 前渗透信息探测工具集-子域名
xcdn - 尝试找出cdn背后的真实ip
borgmatic - Simple, configuration-driven backup software for servers and workstations
coolq-telegram-bot - QQ <-> Telegram Bot Framework & Forwarder
PublicMonitors - 对公网IP列表进行端口服务扫描，发现周期内的端口服务变化情况和弱口令安全风险
AuditdPy - Linux服务器命令监控辅助脚本，ElasticSearch + Logstash + Kibana + Redis + Auditd
exchangecrack - 用于探测公司用户是否存在弱口令
cmsPoc - CMS渗透测试框架-A CMS Exploit Framework
crlf-injector - A CRLF ( Carriage Return Line Feed ) Injection attack occurs when a user manages to submit a CRLF into an application. This is most commonly done by modifying an HTTP parameter or URL.
parameth - This tool can be used to brute discover GET and POST parameters
dorkbot - Command-line tool to scan Google search results for vulnerabilities
WebAppSec - Web Application Security
GWT-3D -
SitePathScan - 网站路径扫描脚本
GSDF - A domain searcher named GoogleSSLdomainFinder - 基于谷歌SSL透明证书的子域名查询工具
PubilcAssetInfo - 以甲方安全人员的视角，尽可能收集发现企业的域名和服务器公网IP资产
Hacking - hacking is a kind of spirit !
sadb - (safe adb) More convenient to operate adb for multiple connected devices
passmaker - 可以自定义规则的密码字典生成器,支持图形界面 A password-generator that base on the rules that you specified
public-apis - A collective list of free APIs for use in software and web development.
toapi - Every web site provides APIs.
CVE-2017-10271 - CVE-2017-10271 WEBLOGIC RCE (TESTED)
BeRoot - Privilege Escalation Project - Windows / Linux / Mac
CryptoHub_Bot - Everything you desire in the revolution of cryptocurrency.
QUANTAXIS - QUANTAXIS 股票/期货/自定义市场数据/回测/模拟/交易/可视化纯本地一站式解决方案
abu - 阿布量化交易系统(股票，期权，期货，比特币，机器学习) 基于python的开源量化交易，量化投资架构
PassGAN - A Deep Learning Approach for Password Guessing (https://arxiv.org/abs/1709.00440)
mdpicker-qiniu - ✂️ 简化使用 markdown 写作时插入图片的繁琐流程，自动将截图后剪贴板中的图片上传至个人七牛云空间，并获取图片外链，输出到剪贴板
gy - Yet another .gitignore magician in your command line.
S3Scanner - Scan for open AWS S3 buckets and dump the contents
Anubis - Subdomain enumeration and information gathering tool
Decept - Decept Network Protocol Proxy
weblate - Web based localization tool with tight version control integration.
003Recon - Some tools to automate recon - 003random
awada - lcx in python edition
pritunl - Enterprise VPN server
ssh_keyscanner - ssh public host key scanner using shodan
nmap-erpscan - Nmap custom probes for better detecting SAP services
SAP_vulnerabilities - DoS PoC's for SAP products
Shadowrocket-ADBlock-Rules - 提供多款 Shadowrocket 规则，带广告过滤功能。用于 iOS 未越狱设备选择性地自动翻墙。
pipenv - Python Development Workflow for Humans.
JavaID - java source code static code analysis and danger function identify prog
CVE-2017-11882 - CVE-2017-11882 from https://github.com/embedi/CVE-2017-11882
CVE-2017-11882 - Proof-of-Concept exploits for CVE-2017-11882
mirror - rsync scheduler for open source mirror site (initially for mirror.bjtu.edu.cn)
CVE-2017-13089 - CVE-2017-13089
Striker - Striker is an offensive information and vulnerability scanner.
aws_list_all - List all your AWS resources, all regions, all services.
SpookFlare - Loader, dropper generator with multiple features for bypassing client-side and network-side countermeasures.
P4wnP1 - P4wnP1 is a highly customizable USB attack platform, based on a low cost Raspberry Pi Zero or Raspberry Pi Zero W.
dnstwist - Domain name permutation engine for detecting typo squatting, phishing and corporate espionage
AngelSword - Python3编写的CMS漏洞检测框架
netflix-no-ipv6-dns-proxy - Fix for Netflix blocking various IPv6 tunnels by returning no results for AAAA queries of Netflix domains
cheat.sh - the only cheat sheet you need
rtcp - 利用 Python 的 Socket 端口转发，用于远程维护
Cobra-W - Cobra-W -> Cobra-White 白盒源代码审计工具-白帽子版
ipv6-hosts - Fork of https://code.google.com/archive/p/ipv6-hosts/, focusing on automation
Some-PoC-oR-ExP - 各种漏洞poc、Exp的收集或编写
kimsufi-crawler - Crawler that will send you an email alert as soon as servers on OVH/Kimsufi become available for purchase
zmirror - The next-gen reverse proxy for full site mirroring
CloudXNS-DDNS - The Python shell of CloudXNS DDNS
speedtest-cli - Command line interface for testing internet bandwidth using speedtest.net
raspberry-pi-tutorials - 面向软件工程师的树莓派入门教程
VHostScan - A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.
ss-panel-and-ss-py-mu -
resizeup - Dropzone3's Action Plugin - Markdown insert images solution
SSHPry2.0 - SSHPry v2 - Spy & Control os SSH Connected client's TTY
cipherscan - A very simple way to find out which SSL ciphersuites are supported by a target.
ThunderShell - Python / C# Unmanaged PowerShell based RAT
CVE-2017-0785 - Blueborne CVE-2017-0785 Android information leak vulnerability
dnsmasq-china-list - Chinese-specific configuration to improve your favorite DNS server. Best partner for chnroutes.
apt2 - automated penetration toolkit
sov2ex - A site search for V2EX
SniffAir - A framework for wireless pentesting.
LFiFreak - A unique automated LFi Exploiter with Bind/Reverse Shells
Zeus-Scanner - Advanced reconnaissance utility
domato - DOM fuzzer
sshpry - Seamlessly spy on SSH session like it is your tty
net-creds - Sniffs sensitive data from interface or pcap
binaryalert - BinaryAlert: Serverless, Real-time & Retroactive Malware Detection. Good news, we are hiring!!!!!!!! https://careers.airbnb.com/positions/213964/
Githubscan - Githubscan
PasteHunter - Scanning pastebin with yara rules
SSRF-Testing - SSRF (Server Side Request Forgery) testing resources
Routerhunter-2.0 - Testing vulnerabilities in devices and routers connected to the Internet.
Yuki-Chan-The-Auto-Pentest - Automate Pentest Tool
pdfdir - PDF导航（大纲/目录）添加工具
whichCDN - WhichCDN allows to detect if a given website is protected by a Content Delivery Network
GreatSCT - The project is called Great SCT (Great Scott). Great SCT is an open source project to generate application white list bypasses. This tool is intended for BOTH red and blue team.
Webshell-Sniper - 🔨 Manage your website via terminal
LeaderF - An asynchronous fuzzy finder which is used to quickly locate files, buffers, mrus, tags, etc. in large project.
S2-053-CVE-2017-12611 - A simple script for exploit RCE for Struts 2 S2-053(CVE-2017-12611)
gitfiti - abusing github commit history for the lulz
linuxprivchecker - linuxprivchecker.py -- a Linux Privilege Escalation Check Script
PixivUtil2 - Download images from Pixiv and more!
beeswarm - Honeypot deployment made easy
vpngate-with-proxy - vpn gate client for linux, be able to connect to open vpn server through proxy
LocalizedMenu - Localize Tool & Localized Menu for Sublime Text 2/3 End User. Localization with 简体中文(Simplified Chinese)/繁体中文(Traditional Chinese)/Русский(Russian)/Español(Spanish)/Հայերեն(Armenian)/Svenska(Swedish)/Français(French)/Any other language.
webzmap - Zmap on Web
explo - Human and machine readable web vulnerability testing format
wtfpython - A collection of surprising Python snippets and lesser-known features.
LANs.py - Inject code and spy on wifi users
Wordpresscan - WPScan rewritten in Python + some WPSeku ideas
IOT-Protect-Continous-Vulnerability-Scanner - A continous vulnerability scanner which scanys for Qbot and Mirai vulnerabilites and displays results in a browser
2FAssassin - Bypass Two-Factor-Authentication
wetland - A high interaction SSH honeypot
Http-Proxy-Scan - Use Censys.io Scan Http Proxy
domain_analyzer - Analyze the security of any domain by finding all the information possible. Made in python.
CyberThreatHunting - A collection of resources for Threat Hunters
JoomlaScan - A free software to find the components installed in Joomla CMS, built out of the ashes of Joomscan.
silverblog - A fast and lightweight blog framework based on Python3 development
RsaCtfTool - RSA attack tool (mainly for ctf) - retreive private key from weak public key and/or uncipher data
rsatool - rsatool can be used to calculate RSA and RSA-CRT parameters
db_security - 数据库安全审计平台
rangehttpserver - Python module that implements a simple HTTP server that understands the HTTP Range header.
qiniu4blog - 使用七牛云存储创建自己的图床,用于写博客
QQSpider - QQ空间爬虫（日志、说说、个人信息）
coderzh-hugo-blog - My Perfect Hugo Blog
windows-privesc-check - Standalone Executable to Check for Simple Privilege Escalation Vectors on Windows Systems
reGeorg - The successor to reDuh, pwn a bastion webserver and create SOCKS proxies through the DMZ. Pivot and pwn.
cansina - Web Content Discovery Tool
wait-for-it - Pure bash script to test and wait on the availability of a TCP host and port
morph - An open source fuzzing framework for fun.
sniffROM - A tool for passive data capture and reconnaissance of serial flash chips. It is used in conjunction with a Saleae logic analyzer to reconstruct flash memory contents and extract contextual information about device operations.
backHack - backHack, a tool to perform Android app analysis by backing up and extracting apps, allowing you to analyze and modify file system contents for apps.
PassiveScanner - a passive scanner based on Mitmproxy and Arachni
git-repo-updater - A console script that allows you to easily update multiple git repositories at once
arch-wiki-docs - A script to download pages from Arch Wiki for offline browsing
fthreadpool - 线程池模块，增加超时监控，自动Kill
wifite2 - Rewrite of the popular wireless network auditor, "wifite"
Tor2web - Tor2web is an HTTP proxy software that enables access to Tor Hidden Services by mean of common web browsers
hxsec_search -
DET - (extensible) Data Exfiltration Toolkit (DET)
Vulny-Code-Static-Analysis - Basic script to detect vulnerabilities into a PHP source code using statical analysis, based on regex
onioff - 🌰 An onion url inspector for inspecting deep web links.
GithubCloner - A script that clones Github repositories of users and organizations.
awesome-industrial-control-system-security - A curated list of resources related to Industrial Control System (ICS) security.
FileScan - FileScan: 敏感文件扫描 / 二次判断降低误报率 / 扫描内容规则化 / 多目录扫描
OSINT-SPY - Performs OSINT scan on email/domain/ip_address/organization using OSINT-SPY. It can be used by Data Miners, Infosec Researchers, Penetration Testers and cyber crime investigator in order to find deep information about their target. If you want to ask something please feel free to reach out to me at [email protected]
netease-cloud-music-dl - Netease cloud music song downloader, with full ID3 metadata, eg: front cover image, artist name, album name, song title and so on.
UserDeviceTracker - 快速定位一个IP或MAC在你的网络中的位置，是网络工程师提高工作效率的利器，也可以为CMDB提供基础网络数据。
scan_webshell - 很简单的webshell扫描
parseNTFS - Simple NTFS crawler.
ppsx-file-generator - ppsx file generator for cve-2017-8570 (based on bhdresh/cve-2017-8570)
shadowsocksr - Python port of ShadowsocksR
defcon25-public - Publicly released tools/plugins from PPP for DEFCON 25 CTF Finals
HUNT -
jenkins-cve-2016-0792 - Exploit for Jenkins serialization vulnerability - CVE-2016-0792
ja3 - JA3 is a standard for creating SSL client fingerprints in an easy to produce and shareable way.
inforfinder - Inforfinder is a tool to collect information of any domains pointing at some server (ip, domain, range, file). Is able to detect all domains pointing to an IP address and detect CMS version installed in a web (Wordpress, Joomla, prestashop, etc), also is able to detect PHP version, Web Server version, Plesk version...
pydictor - A powerful and useful hacker dictionary builder for a brute-force attack
DL_for_xss - Deep learnning for detection with xss
sssniff - ShadowSocks(SS) traffic sniffer
ReconDog - Reconnaissance Swiss Army Knife
altdns - Generates permutations, alterations and mutations of subdomains and then resolves them
dowsDNS - 快速翻跃**防火墙
XX-Net - a web proxy tool
GoAgent-Always-Available - 一直可用的GoAgent，会定时扫描可用的google gae ip，提供可自动化获取ip运行的版本
backuptoqiniu - 备份vps到七牛云存储脚本
calibre-web - 📚 Web app for browsing, reading and downloading eBooks stored in a Calibre database
sec-awvs-agent - High Concurrency of Awvs Scan Agent By AWVS HTTP API
FuckSubDomain - FuckSubDomain(FSD) is a fast find Subdomain tool.
aget - Aget - Asynchronous Downloader
my-boring-python - shhh.... sth interesting
freedomfighting - A collection of scripts which may come in handy during your freedom fighting activities.
bugcrowd-levelup-subdomain-enumeration - This repository contains all the material from the talk "Esoteric sub-domain enumeration techniques" given at Bugcrowd LevelUp 2017 virtual conference
ChineseNER - A neural network model for Chinese named entity recognition
katoolin4china - Kali tools installer
shodanwave - Shodanwave is a tool for exploring and obtaining information from Netwave IP Camera.
rtcp -
rdiff-backup - rdiff-backup
magic-wormhole - get things from one computer to another, safely
PRET - Printer Exploitation Toolkit - The tool that made dumpster diving obsolete.
mps-youtube - Terminal based YouTube player and downloader
shootback - a reverse TCP tunnel let you access target behind NAT or firewall
OSINTretasNoHayPastebines - Trabajo de OSINT para búsqueda de patrones en pastebin.
awesome-math - A curated list of awesome mathematics resources
python-idb - Pure Python parser and analyzer for IDA Pro database files (.idb).
tornado - Tornado is a Python web framework and asynchronous networking library, originally developed at FriendFeed.
Struts2-048 - CVE-2017-9791
ctf-crypto-writeups -
AWSBucketDump - Security Tool to Look For Interesting Files in S3 Buckets
ssl_logger - Decrypts and logs a process's SSL traffic.
crackcoin - Very basic blockchain-free cryptocurrency PoC in Python
lightbulb-framework - Tools for auditing WAFS
WMD - Python framework for IT security tools
borg-import - importer for rsync+hardlink based backups / rsnapshot
bcloud - 百度网盘的linux桌面客户端
retext - ReText: Simple but powerful editor for Markdown and reStructuredText
osxcollector - A forensic evidence collection & analysis toolkit for OS X
CloudFail - Utilize misconfigured DNS and old database records to find hidden IP's behind the CloudFlare network
LFISuite - Totally Automatic LFI Exploiter (+ Reverse Shell) and Scanner
RFIDIOt - python RFID / NFC library & tools
web3.py - A python interface for interacting with the Ethereum blockchain and ecosystem.
firmware-analysis-toolkit - Toolkit to emulate firmware and analyse it for security vulnerabilities
brutespray - Brute-Forcing from Nmap output - Automatically attempts default creds on found services.
CTFd - CTFs as you need them
fibratus - Tool for exploration and tracing of the Windows kernel
Dr0p1t-Framework - A framework that create an advanced stealthy dropper that bypass most AVs and have a lot of tricks
autoDANE - Auto Domain Admin and Network Exploitation.
FeelUOwn - trying to be a user-friendly and hackable music player
htcap - htcap is a web application scanner able to crawl single page application (SPA) in a recursive manner by intercepting ajax calls and DOM changes.
Winpayloads - Undetectable Windows Payload Generation
TextRank4ZH - 🌳从中文文本中自动提取关键词和摘要
bitcoinbook - Mastering Bitcoin 2nd Edition - Programming the Open Blockchain
wikiextractor - A tool for extracting plain text from Wikipedia dumps
bypass_waf - waf自动爆破(绕过)工具
crawler-user-agents - Syntactic patterns of HTTP user-agents used by bots / robots / crawlers / scrapers / spiders. pull-request welcome ⭐
PocCollect - a plenty of poc based on python
pyfiscan - Free web-application vulnerability and version scanner
dnsAutoRebinding - ssrf、ssrfIntranetFuzz、dnsRebinding、recordEncode、dnsPoisoning、Support ipv4/ipv6
pentestly - Python and Powershell internal penetration testing framework
HEVD-Exploits - Various exploits for the HackSys Extreme Vulnerable Driver
struts2_check - 一个用于识别目标网站是否采用Struts2框架开发的工具demo
sudo-backdoor - Wraps sudo; transparently steals user's credentials and exfiltrate over DNS. For those annoying times when you get a shell/file write on a sudoers account and need to leverage their credentials.
crossdomainscanner - Python tool for expired domain discovery in crossdomain.xml files
discover-books - 📚 发现图书
passive_scan - 基于http代理的web漏洞扫描器的实现
getproxy - getproxy 是一个抓取发放代理网站，获取 http/https 代理的程序
xunfengES -
keysniffer-poc - Simple PoC Linux keysniffer showing impact of a lack of GUI-isolation in X display server.
WPSeku - WPSeku - Wordpress Security Scanner
goSecure - An easy to use and portable Virtual Private Network (VPN) system built with Linux and a Raspberry Pi. #nsacyber
salt-scanner - Linux vulnerability scanner based on Salt Open and Vulners audit API, with Slack notifications and JIRA integration
rtfm - A database of common, interesting or useful commands, in one handy referable form
cupper - It comes!!
java-binary-deserializer - Java Binary data Deserializer/Serializer - Convert serialized Java Objects into readable XML
F-NAScan - Scanning a network asset information script
ReconScan - Network reconnaissance and vulnerability assessment tools.
crack-geetest - 滑动验证码破解示例，仅供学习使用。
DamnWebScanner - Another web vulnerabilities scanner, this extension works on Chrome and Opera
domainhunter - Checks expired domains for categorization/reputation and Archive.org history to determine good candidates for phishing and C2 domain names
dirsearch - Web path scanner
gain - Web crawling framework based on asyncio.
wafpass - Analysing parameters with all payloads' bypass methods, aiming at benchmarking security solutions like WAF.
WordSteal - This script will create a POC that will steal NTML hashes from a remote computer. Do not use this for illegal purposes.The author does not keep responsibility for any illegal action you do.
win_driver_plugin - A tool to help when dealing with Windows IOCTL codes or reversing Windows drivers.
cryptoradio - Python script to encrypt and publish on Twitter. Also decrypt tweets from file
java-deserialization-exploits - A collection of curated Java Deserialization Exploits
svn_git_scanner - 用于扫描git，svn泄露
CVE-2017-7494 - Remote root exploit for the SAMBA CVE-2017-7494 vulnerability
ansigenome - A tool to help you gather information and manage your Ansible roles.
debops-tools - Your Debian-based data center in a box
debops-playbooks - Ansible playbooks used by DebOps project
subdomain3 - A new generation of tool for discovering subdomains( ip , cdn and so on)
datasploit - A tool to perform various OSINT techniques, aggregate all the raw data, visualise it on a dashboard, and facilitate alerting and monitoring on the data.
svn-extractor - simple script to extract all web resources by means of .SVN folder exposed over network.
Fwaf-Machine-Learning-driven-Web-Application-Firewall - Machine learning driven web application firewall to detect malicious queries with high accuracy.
portSpider - 🕷 A lightning fast multithreaded network scanner framework with modules.
getsploit - Command line utility for searching and downloading exploits
subbrute - A DNS meta-query spider that enumerates DNS records, and subdomains.
fshell - 基于机器学习的分布式webshell检测系统
SweetSecurity - Network Security Monitoring on Raspberry Pi type devices
BurpSmartBuster - A Burp Suite content discovery plugin that add the smart into the Buster!
owtf - Offensive Web Testing Framework (OWTF), is a framework which tries to unite great tools and make pen testing more efficient http://owtf.org https://twitter.com/owtfp
maltrail - Malicious traffic detection system
gibbersense - Extract Sense out of Gibberish stuff
morphHTA - morphHTA - Morphing Cobalt Strike's evil.HTA
pwn-tools - Various tools I have made for pwnage.
HVACScanner - Locates Honeywell/Tridium/Niagara HVAC JACEs/Controllers via HTTP fingerprints/strings. Very handy for vulnerability/pentesting.
zabbixPwn - Zabbix Jsrpc.php Injection Exploit
microscan - MicroScan 基于B/S架构微扫描器
osrframework - OSRFramework, the Open Sources Research Framework is a AGPLv3+ project by i3visio focused on providing API and tools to perform more accurate online researches.
PowerLessShell - Run PowerShell command without invoking powershell.exe
musicbox - 网易云音乐命令行版本
SambaHunter - It is a simple script to exploit RCE for Samba (CVE-2017-7494 ).
DeathStar - Automate getting Domain Admin using Empire
sqlparse - A non-validating SQL parser module for Python
mec - for concurrent exploiting
NXcrypt - NXcrypt - 'python backdoor' framework
denyhosts - Automated host blocking from SSH brute force attacks
python3-cookbook - 《Python Cookbook》 3rd Edition Translation
Reverse_DNS_Shell - A python reverse shell that uses DNS as the c2 channel
ICS-Vulnerabilities - Some ICS Vulnerabilities I've found will be listed here.
Password-Guessing-Framework - A Framework for Comparing Password Guessing Strategies
osint-series - Source codes related to the articles about OSINT. Using social media APIs and Python language.
kali-tools - Run Kali tools on all distributions. Offline search, including in package descriptions.
cve-2017-7494 - Proof-of-Concept exploit for CVE-2017-7494(Samba RCE from a writable share)
osint_tools_security_auditing - osint_tools_security_auditing
CoolPool - 仓库已经废弃，新仓库地址
osint-combiner - Combining OSINT sources in Elastic Stack
Mastodon-OSINT - Scripts related to Mastodon investigations
hostintel - A modular Python application to collect intelligence for malicious hosts.
flunym0us - Flunym0us is a Vulnerability Scanner for Wordpress and Moodle designed by Flu Project Team. Flunym0us has been developed in Python. Flunym0us performs dictionary attacks against Web sites. By default, Flunym0us includes a dictionary for Wordpress and other for Moodle.
burp-ui - Burp-UI is a web-ui for burp backup written in python with Flask and jQuery/Bootstrap
BoopSuite - A Suite of Tools written in Python for wireless auditing and security testing.
cangibrina - A fast and powerfull dashboard (admin) finder
IDASynergy - A combination of an IDAPython Plugin and a control version system that result in a new reverse engineering collaborative addon for IDA Pro. By
ms17-010-m4ss-sc4nn3r - MS17-010 multithreading scanner written in python.
ICS-Security-Tools - Tools, tips, tricks, and more for exploring ICS Security.
free-PACKT-eBooks-Crawler - A tool for claim and save PACKT's FREE TECHNOLOGY EBOOKS.
ssct - A wrapper tool for shadowsocks to consistently bypass firewalls.
burpproxypacextension - Exemple d'extension Burp permettant d'utiliser les fichiers de configuration de proxy PAC
Joomla3.7-SQLi-CVE-2017-8917 - Joomla 3.7 SQL injection (CVE-2017-8917)
CVE-2017-7269-Echo-PoC - CVE-2017-7269 回显PoC ,用于远程漏洞检测..
code - The sourecode
deep-anpr - Using neural networks to build an automatic number plate recognition system
BrainDamage - Remote administration tool which uses Telegram as a C&C server
CVE-2017-3599 - Proof of concept exploit for CVE-2017-3599
routerz - Some exploits for ZeroNights 0x03
ZTExploit - ZTE ZXV10 H108L Router with <= V1.0.01_WIND_A01 - Remote root RCE Exploit
rexploit - RExploit (Router Exploitation) is a tool that search exploits for any router SOHO. It is written on Python and QT.
Huawei - Some Of Huawei Routers Exploits
github-dorks - Collection of github dorks and helper tool to automate the process of checking dorks
goMS17-010 - Simple program for detecting if host(s) are vulnerable to SMB exploit(MS17-010)
gnunigma-python - Enigma encryption machine emulation in Python.
CatMyPhish - Search for categorized domain
AnyScan - AnyScan
microsoftSpider - 爬取微软漏洞信息，MS对应的每个版本操作系统KB号以及补丁下载地址。
HexRaysPyTools - IDA Pro plugin which improves work with HexRays decompiler and helps in process of reconstruction structures and classes
IIS_shortname_Scanner - an IIS shortname Scanner
ds_store_exp - A .DS_Store file disclosure exploit. It parses .DS_Store file and downloads files recursively.
Forensic-Tools - A collection of tools for forensic analysis
howmanypeoplearearound - Count the number of people around you 👨‍👨‍👦 by monitoring wifi signals 📡
clean-baidutieba - 删除自己在百度贴吧的发帖和回复
fuzzbunch-debian - Fuzzbunch deployment for Debian - Intructions: Readme.md
EyeWitness - EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.
QQParking - QQBot, QQ机器人，用于QQ挂机。自动回复私聊及临时对话，记录留言并转发至邮箱，账号（被踢）下线邮件提醒。
QBotWebWrap - Web Wrap for QBot series QQ/QQ空间在线挂机
cve-crawler -
z3-stuff - z3 scripts and ctf challenge solutions.
emailwhois - Look up an email domain (@example.com), using Python, across all known domains.
pytorch-dnc - Neural Turing Machine (NTM) & Differentiable Neural Computer (DNC) with pytorch & visdom
macOS-Security-and-Privacy-Guide - Guide to securing and improving privacy on macOS
WebEye -
pygeoip - DEPRECATED: Pure Python API for Maxmind's binary GeoIP databases
histstat - history for netstat
spoodle - A mass subdomain (Subbrute) + poodle vulnerability scanner
cobra - Source Code Security Audit (源代码安全审计)
WindowsExploits - Windows exploits, mostly precompiled. Not being updated. Check https://github.com/SecWiki/windows-kernel-exploits instead.
rsync_scan - rsync空口令扫描器
ida-arm-system-highlight - IDA script for highlighting and decoding ARM system instructions
opmanager_exp - opmanager运维监控系统上传漏洞测试工具
AssistantPi - Bring both Google Assistant and Alexa to your Raspberry Pi
dnschef - DNSChef - DNS proxy for Penetration Testers and Malware Analysts
bgp-ranking - BGP ranking is a free software to calculate the security ranking of Internet Service Provider (ASN).
openai_lab - An experimentation framework for Reinforcement Learning using OpenAI Gym, Tensorflow, and Keras.
pwnbin - Python Pastebin Webcrawler that returns list of public pastebins containing keywords
scanless - online port scan scraper
RtspFuzzer - RTSP network protocol fuzzer
The-Password-Manager - Manager/Generator With AES Encrypted Vault - Updated 27/9/2017
certitude - The Seeker of IOC
ssh-audit - SSH server auditing (banner, key exchange, encryption, mac, compression, compatibility, security, etc)
nsshell - A DNS connectback shell executed by strings in payloads.txt
tplmap - Server-Side Template Injection and Code Injection Detection and Exploitation Tool
pyekaboo - Proof-of-concept program that is able to to hijack/hook/proxy Python module(s) thanks to $PYTHONPATH variable
mhn - Modern Honey Network
pyvulhunter - python audit tool 审计注入 inject
Deformable-ConvNets - Deformable Convolutional Networks
pocserver - Scripts running in public webserver for vulnerability PoC
droopescan - A plugin-based scanner that aids security researchers in identifying issues with several CMSs, mainly Drupal & Silverstripe.
ArchiveBox - 🗃 The open source self-hosted web archive. Takes browser history/bookmarks/Pocket/Pinboard/etc., saves HTML, JS, PDFs, media, and more...
bropy - Basic Anomaly IDS capabilities with Python and Bro
wifiphisher - The Rogue Access Point Framework
intel_amt_honeypot - intel amt honeypot
CrackMapExec - A swiss army knife for pentesting networks
fInd0 - Tool to find domains in sold about a target
ctf - Ctf solutions from p4 team
struts2_045_scan - Struts2-045 Scanner
apiscout - This project aims at simplifying Windows API import recovery on arbitrary memory dumps
Zulu - The Zulu fuzzer
pylnker - This is a Python port of lnk-parse-1.0, a tool to parse Windows .lnk files.
IIS_exploit - Buffer overflow in the ScStoragePathFromUrl function in the WebDAV service in Internet Information Services (IIS) 6.0 in Microsoft Windows Server 2003 R2 allows remote attackers to execute arbitrary code via a long header beginning with "If: <http://" in a PROPFIND request, as exploited in the wild in July or August 2016.
exploits -
plasma - Plasma is an interactive disassembler for x86/ARM/MIPS. It can generates indented pseudo-code with colored syntax.
BitcoinStrategy - bitcoin arbitrage between Huobi and Okcoin
BitcoinExchangeFH - Cryptocurrency exchange market data feed handler
NoEye - A blind mode exploit framework (a dns server and a web app) that like wvs's AcuMonitor Service or burpsuite's collabrator or cloudeye
not-your-average-web-crawler - A web crawler (for bug hunting) that gathers more than you can imagine.
kcshell - Simple Python3 based interactive assembly/disassembly shell for various architectures powered by Keystone/Capstone.
write-ups-2017 - Wiki-like CTF write-ups repository, maintained by the community. 2017
CryptoBook - Learning Cryptography, math and programming with Cryptol (and maybe some Python)
iScript - 各种脚本 -- 关于虾米 xiami.com, 百度网盘 pan.baidu.com, 115网盘 115.com, 网易音乐 music.163.com, 百度音乐 music.baidu.com, 360网盘/云盘 yunpan.cn, 视频解析 flvxz.com, bt torrent ↔ magnet, ed2k 搜索, tumblr 图片下载, unzip
pwndbg - Exploit Development and Reverse Engineering with GDB Made Easy
dnsdiag - DNS Diagnostics and Performance Measurement Tools
bearded-avenger - CIF v3 -- the fastest way to consume threat intelligence
PoC - Various PoCs
ZipCrack - ZipCrack with Python
octodns - Tools for managing DNS across multiple providers
trsh - Telegram Remote-Shell
tldextract - Accurately separate the TLD from the registered domain and subdomains of a URL, using the Public Suffix List.
splinter - splinter - python test framework for web applications
gixy - Nginx configuration static analyzer
ZEROScan - Multi-Thread Vulnerability Verify Framework
hacking - OpenStack Hacking Style Checks
XSSYA-V-2.0 -
coursera-dl - Script for downloading Coursera.org videos and naming them.
python-broadlink - Python module for controlling Broadlink RM2/3 (Pro) remote controls, A1 sensor platforms and SP2/3 smartplugs
Broadlink-e-control-db-dump - These two scripts will "parse" the broadlink e-Control Android application database or SharedData and dump the IR / RF codes for selected accessories into a text file which can be later used with broadlink-python to send the codes to the RM PRO hub
qiniu4blog - 使用七牛云存储创建自己的图床,用于写博客
subconscious - redis-backed (in memory) db for python3 that is asyncio compatible
mocktailsmixer - Make a DIY Robotic Mocktails Mixer Powered by the Google Assistant SDK
irc-client - Simple IRC (Internet Relay Chat) Client written in Python
katoolin - Automatically install all Kali linux tools
hexo-git-backup-tools - Back-up the source files of my blog.
docker-ida - Run IDA Pro disassembler in Docker containers for automating, scaling and distributing the use of IDAPython scripts.
fonttools - A library to manipulate font files from Python.
aptc - Automated Payload Test Controller
BigDataML -
WebHubBot - Python + Scrapy + MongoDB . 5 million data per day !!!💥 The world's largest website.
cve-offline - An easy to grep dump of the NVD database showing only; CVE-ID, CVSS Risk Score, and Summary.
leviathan - wide range mass audit toolkit
Mobile-Security-Framework-MobSF - Mobile Security Framework is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing framework capable of performing static analysis, dynamic analysis, malware analysis and web API testing.
Beehive - Beehive is an open-source vulnerability detection framework based on Beebeeto-framework. Security researcher can use it to find vulnerability, exploits, subsequent attacks, etc.
pacemaker - Heartbleed (CVE-2014-0160) client exploit
searx - Privacy-respecting metasearch engine
Py-DNS-over-HTTPS-Proxy - Provides a simple Python based proxy for running DNS over HTTPS to Google's DNS over HTTPS service.
weblogic-serialization-exploit-updated - Updated the FoxGlove Security WebLogic serialization exploit.
hackUtils - It is a hack tool kit for pentest and web security research.
algorithms - Minimal examples of data structures and algorithms in Python
JavaUnserializeExploits -
shellnoob - A shellcode writing toolkit
labs - Vulnerability Labs for security analysis
virtualenv-burrito - One command to have a working virtualenv + virtualenvwrapper environment.
scan -
eval -
blindy - Simple script to automate brutforcing blind sql injection vulnerabilities
mblogic-S2-client - The client side HMI for the S2 modbus control. This has many html and css pages which were custom edited and also have needed server and client base programs.
cheetah - a very fast brute force webshell password tool
multiscanner - Modular file scanning/analysis framework
manticore - Symbolic execution tool
exp - 各种流行的POC批量扫描工具，当然其中的目标需要自己去收集。
Sublist3r - Fast subdomains enumeration tool for penetration testers
sicklepoc -
scantastic-tool - It's bloody scantastic
jieba - 结巴中文分词
hacking_script - 开发或收集的一些网络安全方面的脚本、小工具
CustomDeserializer - Custom Deserializer
theHarvester - E-mails, subdomains and names Harvester - OSINT
Nosql-Exploitation-Framework - A Python Framework For NoSQL Scanning and Exploitation
jdwp-shellifier -
faraday - Collaborative Penetration Test and Vulnerability Management Platform
truffleHog - Searches through git repositories for high entropy strings and secrets, digging deep into commit history
OSTrICa -
GitMiner - Tool for advanced mining for content on Github
eqgrp-free-file - Free sampling of files from the purported Equation Group hack.
tutorials - 机器学习相关教程
jexboss - JexBoss: Jboss (and Java Deserialization Vulnerabilities) verify and EXploitation Tool
libheap - python library to examine ptmalloc (the glibc userland heap implementation)
PortScan -
NVRScanner -
password - 1
op1repacker - Tool for unpacking, modifying and repacking firmware for the OP-1 synth by Teenage Engineering.
exploits - Miscellaneous exploit code
yeti - Your Everyday Threat Intelligence
userline - Query and report user logons relations from MS Windows Security Events
fuzzbunch_wrapper - Fuzzbunch Python-Wine wrapper
AIL-framework - AIL framework - Analysis Information Leak framework
expdevBadChars - Bad Characters highlighter for exploit development purposes supporting multiple input formats while comparing.
osint_public -
IDA_loader - Some loader module for IDA
Smbtouch-Scanner - Automatically scan the inner network to detect whether they are vulnerable.
datasploit - Utilizing various Open Source Intelligence (OSINT) tools and techniques that we have found to be effective, DataSploit brings them all into one place, correlates the raw data captured and gives the user, all the relevant information about the domain/email/ phone number/person, etc. It allows you to collect relevant information about a target which can expand your attack/defence surface very quickly. Sometimes it might even pluck the low hanging fruits for you without even touching the target and give you quick wins. More documentation here: http://datasploit.readthedocs.io/en/latest/.
focuson - A tool to surface security issues in python code
pyt - A Static Analysis Tool for Detecting Security Vulnerabilities in Python Web Applications
CVE-2017-0199 - Exploit toolkit CVE-2017-0199 - v4.0 is a handy python script which provides pentesters and security researchers a quick and effective way to test Microsoft Office RCE. It could generate a malicious RTF/PPSX file and deliver metasploit / meterpreter / other payload to victim without any complex configuration.
vrnetlab - Run virtual routers with docker
DAMM - Differential Analysis of Malware in Memory
opensnitch - OpenSnitch is a GNU/Linux port of the Little Snitch application firewall
Loki - Loki - Simple IOC and Incident Response Scanner
casper - Casper contract, and related software and tests
writeups - CTF writeups
pentest-wiki - PENTEST-WIKI is a free online security knowledge library for pentesters / researchers. If you have a good idea, please share it with others.
nmap-converter - Python script for converting nmap reports into XLS
fuzzbunch - NSA finest tool
doublepulsar-detection-script - A python2 script for sweeping a network to find windows systems compromised with the DOUBLEPULSAR implant.
pynmap - A serious(Tried to be) attempt to implement multi-threading to nmap module, which would result in faster scanning speed. I know that one can write NSE scripts for multi-threaded scanning with it, but I wanted to try it on python.
haveibeenpwned - Python script to verify multiple email addresses for pwnage
PyPwned - A Python client for the HaveIBeenPwned REST API
jackit - JackIt - Exploit Code for Mousejack
GithubLeakAlert -
shadowbroker - The Shadow Brokers "Lost In Translation" leak
pyscap - Python implementation of a Security Content Automation Protocol compatible Configuration, Vulnerability, Patch and Inventory Scanner
creak - Poison, reset, spoof, redirect MITM script
FakeGit - FakeGit: A great tool to fool yourself and others
dns-parallel-prober - PoC for an adaptive parallelised DNS prober
cisco-rce - CVE-2017-3881 Cisco Catalyst Remote Code Execution PoC
tun64 - IPv6 transition tunnel-based mechanism information exfiltration tool
whereami - Uses WiFi signals 📶 and machine learning to predict where you are
ipwndfu - open-source jailbreaking tool for older iOS devices
genpac - PAC/Dnsmasq/Wingy file Generator, working with gfwlist, support custom rules.
pythonwebhack - 用python实现的web框架建立的在线渗透平台
github_trending_spider -
commitsSpider - 爬取ffmpeg，linux，wireshark在github上的commits，并提取出其中的CVE号
githubSpider - 使用python爬虫批量爬取GitHub上的高star项目并定期pull保持最新
github_relationship - a simple spider for github instead of api
webdirscan - 跨平台的web目录扫描工具
Exploit - 常用的一些Exploit，经常会更新，也欢迎各位提交新的exp给我。
proxy_pool - Python爬虫代理IP池(proxy pool)
pyinotify - Monitoring filesystems events with inotify on Linux.
netattack - A simple python script to scan and attack wireless networks.
POC-T - 渗透测试插件化并发框架
CTFCrackTools - China's first CTFTools framework.**国内首个CTF工具框架,旨在帮助CTFer快速攻克难关
punter - Hunt domain names using DNSDumpster, WHOIS, Reverse WHOIS, Shodan, Crimeflare
apticket-nonce-checker - Python script which parses 32-bit SHSH/APTickets and prints the APTicket nonce, if any.
awesome-iot - Awesome IoT. A collaborative list of great resources about IoT Framework, Library, OS, Platform
TaobaoUser - Get anonymous user of Taobao
OnlineJudge - open source online judge based on Vue, Django and Docker. | 青岛大学开源 Online Judge | QQ群 496710125 | [email protected]
xsscrapy - XSS spider - 66/66 wavsep XSS detected
Report-IP-hourly - 📬 Report Linux IP by email hourly.
CTF - CTF's writeups
EaST - Exploits and Security Tools Framework 2.0.1
yara-exporter - Exporting MISP event attributes to yara rules usable with Thor apt scanner
timesketch - Collaborative forensic timeline analysis
RePEconstruct -
PloitKit - The Hacker's ToolBox
spiderfoot - SpiderFoot, the most complete OSINT collection and reconnaissance tool.
advanced-web-scraping-tutorial - The Zipru scraper developed in the Advanced Web Scraping Tutorial.
pytorch-tutorial - PyTorch Tutorial for Deep Learning Researchers
urh - Universal Radio Hacker: investigate wireless protocols like a boss
datasploit - An #OSINT Framework to perform various recon techniques on Companies, People, Phone Number, Bitcoin Addresses, etc., aggregate all the raw data, and give data in multiple formats.
RTTanalysis - Estimation and analysis of round trip time in TCP traffic
findcrypt-yara - IDA pro plugin to find crypto constants (and more)
Get-ip-address - python脚本自动获取本机ip，并发送到邮箱。适应linux系统和树莓派（raspberry pi）
CnblogsSpider - 用scrapy采集cnblogs列表页爬虫
Sisyphus - 一个方便的用来分析LOL中数据的工具
AutOSINT - Tool to automate common OSINT tasks
DorkNet - Selenium powered Python script to automate searching for vulnerable web apps.
pyscatwave - Fast Scattering Transform with CuPy/PyTorch
isp-data-pollution - ISP Data Pollution to Protect Private Browsing History with Obfuscation
bcc - BCC - Tools for BPF-based Linux IO analysis, networking, monitoring, and more
evilginx - PLEASE USE NEW VERSION: https://github.com/kgretzky/evilginx2
og-miner - OpenDNS Graph Miner
TravelPhotoBackup - This is an OLD repository and has been left here for reference purposes only. New repository can be found at: https://github.com/Moving-Electrons/photo-backup. More information at www.movingelectrons.net .
gdbida - gdbida - a visual bridge between a GDB session and IDA Pro's disassembler
drawlikebobross - Draw like Bob Ross using the power of Neural Networks (With PyTorch)!
MongoDB_AutoDump - 用于快速探测未授权MongoDB数据库结构，取第一条内容，并统计数据数量。A tool for unauthorized MongoDB database , take the first content, and the number of statistical data.
dictBuilder - 渗透测试中字典生成工具
SAKS-tutorials - SAKS Tutorials
pycookiecheat - Borrow cookies from your browser's authenticated session for use in Python scripts.
ipcheck - Serivce that sends you an email when your WAN address changes
qqwry-python3 - 在纯真IP数据库（qqwry.dat）查询IP归属地， for python 3.0+，已上传至pypi。
taobao_bra_crawler - a taobao web crawler just for fun.
GitPrey - Searching sensitive files and contents in GitHub associated to company name or other key words
DSXS - Damn Small XSS Scanner
weakfilescan - 动态多线程敏感信息泄露检测工具
genpAss - **特色的弱口令生成器
Distributed_Microblog_Spider - 分布式新浪微博爬虫
IPProxyPool - IPProxyPool代理池项目，提供代理ip
SinaWeiboSpider-Mongodb - weibo spider
tweets_analyzer - Tweets metadata scraper & activity analyzer
tweepy - Twitter for Python!
twitter-user-geocoder - Resolve the location string in Twitter users' profiles to US states (and cities)
tweetf0rm - A twitter crawler in Python
ScrapyTwitter - Crawling twitter info Using Scrapy+Splash
TwitterScrape - A Twitter scraping tool using Scrapy
msku-etkinlik - MSKU Etkinlik Kodları
cbg-scrapy - Simple HTTP server for asynchronous scrapping data from Twitter API using Twisted library
scrapy-twitter -
python-ngrokd -
Awesome-Linux-Software - A list of awesome applications, software, tools and other materials for Linux distros.
ubuntu-make - Ubuntu Make
SublimeOnSave - Executes commands on file save.
github_search - 根据 keywords 搜索 github 上面的 repos, 并通过 web 展示
TwitterSpider - Parsing tweets from Twitter Profiles with Python
woeid - Scrapy crawling woeid and twitter trends (using api)
scrapy-twitter - crawl twitter timeline using scrapy
twitter_scrapy - Use Scrapy to crwal Twitter .THE 1.0 Edition
Sneaker-Notify - Sneaker/Restock/Monitor Notify via Twitter coded in Python using Scrapy.
reddit_all_rising - Simple example of a Scrapy spider that scrapes Reddit + Twitter bot made with python-twitter, deployed to Heroku
pyc2 - simple c2 written in python to demonstrate security concepts
WPForce - Wordpress Attack Suite
algo - Set up a personal IPSEC VPN in the cloud
awesome-python - A curated list of awesome Python frameworks, libraries, software and resources
HelloGitHub - 分享 GitHub 上有趣、入门级的开源项目
you-get - ⏬ Dumb downloader that scrapes the web
gitbook-wiki - 📖 Wiki powered by Gitbook :)
docbook - 通过gitbook把固定格式的markdown文件转成html，然后上传至qiniu存储为静态站点，通过特定URL访问，也可以通过域名CNAME到特定URL访问
gitbook-deploy - a simple tool help me deploy gitbook to github pages.
weixinpy - Python client SDK for Micro Message Public Platform API.
python-cheat-sheet - Python Cheat Sheet NumPy, Matplotlib
pandas-datareader - Extract data from a wide range of Internet sources into a pandas DataFrame.
tushare - TuShare is a utility for crawling historical data of China stocks
pandasql - sqldf for pandas
HackRequests - It is a dedicated requests lib that supports cookie, headers, get/post, etc. And it also supports rendering the response (e.g. Javascript, CSS, etc.) of GET requests by using PhantomJs enginee.
Github_Nuggests - 自动爬取Github上文件敏感信息泄露，抓取邮箱密码并自动登录邮箱验证，支持126，qq，sina，163邮箱
bypy - Python client for Baidu Yun (Personal Cloud Storage) 百度云/百度网盘Python客户端
cupp - Common User Passwords Profiler (CUPP)
qrcode - artistic QR Code in Python （Animated GIF qr code）- Python 艺术二维码生成器（GIF动态二维码、图片二维码）
textfilter - 敏感词过滤的几种实现+某1w词敏感词库
httpie - As easy as httpie /aitch-tee-tee-pie/ 🥧 Modern command line HTTP client – user-friendly curl alternative with intuitive UI, JSON support, syntax highlighting, wget-like downloads, extensions, etc. https://twitter.com/clihttp
langid.py - Stand-alone language identification system
reddit - historical code from reddit.com
httpstat - curl statistics made simple
PyMySQL - Pure Python MySQL Client
flask-limiter - rate limiting extension for flask applications
glances - Glances an Eye on your system. A top/htop alternative for GNU/Linux, BSD, Mac OS and Windows operating systems.
sh - Python process launching
nginx-book - Nginx开发从入门到精通
explore-flask - Source of Explore Flask book
locust - Scalable user load testing tool written in Python
saythanks.io - Spreading Thankfulness in Open Source.
mycli - A Terminal Client for MySQL with AutoCompletion and Syntax Highlighting.
explore-python - 📗 The Beauty of Python Programming.
algorithm -
Raspberry_face_recognition_attendance_machine - 2016年完成，调用face++进行人脸识别语音发音的树莓派平台下的考勤机。
Nyspider - 各种爬虫
PTWeiboSpider - 针对新浪微博的多功能爬虫
SinaHouseCrawler - 基于scrapy,scrapy-redis实现的一个分布式网络爬虫,爬取了新浪房产的楼盘信息及户型图片,实现了常用的爬虫功能需求.
phantomJS-weibo - phantomJS新浪微博爬虫
SinaSpider - 动态IP解决新浪的反爬虫机制，快速抓取内容。
telnet-scanner - telnet服务密码撞库
V3n0M-Scanner - Popular Pentesting scanner in Python3.6 for SQLi/XSS/LFI/RFI and other Vulns
PayloadsAllTheThings - A list of useful payloads and bypass for Web Application Security and Pentest/CTF
BruteXSS - BruteXSS is a tool written in python simply to find XSS vulnerabilities in web application. This tool was originally developed by Shawar Khan in CLI. I just redesigned it and made it GUI for more convienience.
pythem - pentest framework
log_visual - 日志可视化
thinkstats - 程序员统计入门, fork自thinkstats, 改动: 用Numpy, Pandas处理数据, Seaborn可视化
QUANTAXIS_SPIDER - QUANTAXIS 爬虫mod python/javascript/mongodb
AnalysePass -
py-feedr - A Python parser to tweet the latest updates from multiple RSS feeds.
Shortcut-Downloader - Shortcut Downloader

Rich Text Format

clover-efi - 分享整理一些黑苹果Clover驱动配置文件
Hackintosh-Installer-University - open source tutorial & information collector for hackintosh installation. 💻➕🍎
clover - Share some hackintosh Clover files 分享一些黑苹果clover配置文件
oletools - oletools - python tools to analyze MS OLE2 files (Structured Storage, Compound File Binary Format) and MS Office documents, for malware analysis, forensics and debugging.

Roff

xlog - web日志扫描工具
websearch - Search engine for web assets

Ruby

codeobscure - code obscure for object-c project. 方便强大的OC工程代码自动混淆工具
purple-team-attack-automation - Praetorian's public release of our Metasploit automation of MITRE ATT&CK™ TTPs
FuzzScanner - 一个主要用于信息搜集的工具集，主要是用于对网站子域名、开放端口、端口指纹、c段地址、敏感目录等信息进行批量搜集。
lolcat - Rainbows and unicorns!
killshot - A Penetration Testing Framework, Information gathering tool & Website Vulnerability Scanner
Metasploit-Plugins - Plugins for Metasploit Framework
feedbin - RSS Reader
json_resume - Generates pretty HTML, LaTeX, markdown, with biodata feeded as input in JSON
Web-CTF-Cheatsheet - Web CTF CheatSheet 🐈
Summit_PPT - 各种安全大会PPT PDF
aws_public_ips - Fetch all public IP addresses tied to your AWS account. Works with IPv4/IPv6, Classic/VPC networking, and across all AWS services
arachni-ui-web - Arachni's Web User Interface.
AttackFilter - Logstash 日志安全攻击分析插件
CVE-2018-1297 - Apache Jmeter RMI 反序列化
cve-2017-7269 - fixed msf module for cve-2017-7269
vsaudit - VOIP Security Audit Framework
watchdog - IF (网页某区域有变化) THEN (邮件提醒你)
CVE-2017-11882-metasploit - This is a Metasploit module which exploits CVE-2017-11882 using the POC released here : https://embedi.com/blog/skeleton-closet-ms-office-vulnerability-you-didnt-know-about.
msfvenom-bc-generator - Metasploit msfvenom Bash Completions Generator
Reverse_DNS_Shellcode - Revrese DNS payload for Metasploit: Download Exec x86 shellcode. Also DNS Handler and VBS bot (alsow working over DNS) as PoC included.
bridge - brigde is a dynamic port forwarder over HTTP (with HTTP PROXY support)
awesome-blockchains - A collection about awesome blockchains - open distributed public databases w/ crypto hashes incl. git ;-). Blockchains are the new tulips 🌷🌷🌷. Distributed is the new centralized.
metasploit-autopwn - db_autopwn plugin of metasploit
Hacking-Busybox-Control - Some metasploit scripts to help to control busybox based embedded devices
homebrew-pentest - Homebrew Tap - Pen Test Tools
Tails-zh_TW - website of TAILS (l10n project for Traditional Chinese)
tails-zh_CN - Website of Tails ( l10n project for Simplified Chinese )
shuffler - Just a quick ruby script to explore perfect card shuffles. :)
joomlavs - A black box, Ruby powered, Joomla vulnerability scanner
cve_server - Simple REST-style web service for the CVE searching
timing_attack - Perform timing attacks against web applications
fuzzapi - Fuzzapi is a tool used for REST API pentesting and uses API_Fuzzer gem
watobo -
WhatWeb - Next generation web scanner
wordpress-exploit-framework - A Ruby framework designed to aid in the penetration testing of WordPress systems.
inspec - InSpec: Auditing and Testing Framework
pedump - dump windows PE files using ruby
Learning-SICP - MIT视频公开课《计算机程序的构造和解释》中文化项目及课程学习资料搜集。
puppetlabs-firewall - Puppet Firewall Module
huginn - Create agents that monitor and act on your behalf. Your agents are standing by!
whitewidow - SQL Vulnerability Scanner
rubynew - Ruby new project generator.
HatCloud - discontinued
secure_headers - Manages application of security headers with many safe defaults
Eternalblue-Doublepulsar-Metasploit - Module of Metasploit to exploit the vulnerability Eternalblue-Doublepulsar.
zen-rails-security-checklist - Checklist of security precautions for Ruby on Rails applications.
awesome-raspberry-pi - 📝 A curated list of awesome Raspberry Pi tools, projects, images and resources
BloodHound-Owned - A collection of files for adding and leveraging custom properties in BloodHound.
birdwatcher - Data analysis and OSINT framework for Twitter
ccc_privacy_crawler - Tカードの個人情報提供の停止対象企業一覧の新着を通知するためのTwitterボットです
dockscan - dockscan is security vulnerability and audit scanner for Docker installations
metasploit-framework - Metasploit Framework
open-shell-book - 开源书籍：《Shell 编程范例》，面向操作对象学 Shell！
arachni - Web Application Security Scanner Framework

Rust

ripgrep - ripgrep recursively searches directories for a regex pattern
findomain - A cross-platform tool that use Certificate Transparency logs to find subdomains.
rbkcrack - Crack legacy zip encryption with Biham and Kocher's known plaintext attack. 使用明文攻击破解加密的 zip 文件
EroDir - A fast web directory/file enumeration tool written in Rust
sn0int - Semi-automatic OSINT framework and package manager
sudo_pair - Plugin for sudo that requires another human to approve and monitor privileged sudo sessions
awesome-rust - A curated list of Rust code and resources.
shadowsocks-rust - Oh my implementation of Shadowsocks in Rust
rust-youtube-downloader - Youtube video downloader written in Rust
dirt - Dynamic Identification and Recognition Technology
awesome-static-analysis - Static analysis tools for all programming languages
minimal-tls - A minimal implementation of TLS

Shell

genmkfile - Generic Makefile
BlueGhost - A network tool designed to assist blue teams in banning attackers from linux servers.
DebianLiveBuilder - Bash script for the automation of building a Debian live iso
plank-themes -
plankthemes - A repository of all planks I find
install-gnome-themes - Script to install the latest versions of some fine GNOME 3 themes
kali-anonymous - 👤 The anonymous script from ParrotSec OS and BackBox Linux, perfected to run on Kali Linux Rolling. Run the script with sudo sh script.sh and then it will install and configure Tor, macchanger, and the anonymous script.
Linux_env - This is about Unix/Linux Tool including shell 、python as well as tool，and so on
distroshare-ubuntu-imager - Creates an installable live CD from an installed Ubuntu or derivative distribution
dell-xps-9560-ubuntu-respin - Collection of scripts and tweaks to adapt Ubuntu and Linux Mint ISO images to let them run smooth on Dell XPS 15 9560.
kali_build - build custom de kali linux avec config_auto préinstaller
ccaa - CentOS + Caddy + Aria2 + AriaNg一键安装离线下载、文件管理。
dnsmasq_sniproxy_install - One-click Install and Configure Dnsmasq and Sniproxy for CentOS/Debian/Ubuntu
msfautoinstall - copy metasploit auto install shell script.
trigmap - A wrapper for Nmap to automate the pentest
easysploit - EasySploit - Metasploit automation (EASIER and FASTER than EVER)
docker-zerotier-moon - 🐳 A docker image to create zerotier moon in one step.
ai-roadmap - ApacheCN AI 路线图（知识树）
dotfiles - bash + tmux + neovim
Hackintosh - Hackintosh黑苹果长期维护机型EFI及安装教程整理
jsproxy - 一个基于浏览器端 JS 实现的在线代理
kvm-install-vm - Bash script to build local virtual machines using KVM/libvirt and cloud-init.
zerotier - Join zerotier network auto
LuWu - 红队基础设施自动化部署工具
Security-Baseline - Linux/Windows安全加固脚本
frpspro - Frps 一键安装脚本，Frpc Windows 便捷脚本！Frp 远程桌面！
Archlinux-Installer - Arch Linux Installer,Install your Arch Linux more quickly
arch-ppa - Create and maintain personal Arch linux package repositories
meedu - 基于Laravel开发的在线点播系统。
PXE-Server-Centos-7 - PXE Server Centos 7
pxe - Dockerfile to build a PXE server in a Docker container
kube-scan - Kubernetes Scanner
nginx-admins-handbook - How to improve NGINX performance, security, and other important things; @ssllabs A+ 100%, @mozilla A+ 120/100.
k8s-by-kubeadm - 如何使用kubeadm在国内网络环境搭建单主k8s集群
tor2proxy -
confluence - Dockerized Atlassian Confluence
c0toolkit - Miscellaneous pentesting scripts for OSCP
automated-pentest - Minimal docker container of Parrot OS for running an automated scan & pentest report.
github-email - Get a GitHub user's email. All sneaky-like. 😎
PenTestKit - Useful tools and scripts used during Penetration Tests.
Penetration-Testing-Grimoire - Custom Tools and Notes from my own Penetration Testing Experience
takeover.sh - Wipe and reinstall a running Linux system via SSH, without rebooting. You know you want to.
Shr3dKit - Red Team Tool Kit
kaboom - automatic pentest
ctf-tools - CTF 工具集合
OCS - 一键脚本(One-click script)
java-env-install - Centos系统 Java环境自动安装脚本 jdk1.8、maven3.5.3、 Tomacat8.0、Docker、Nodejs Npm
oracledb-ansible - Ansible playbook to configure a CentOS/RHEL/Oracle Linux 7.1 server with Oracle 12c R1 Enterprise Edition Database
Evaluation_tools - 等级保护测评工具
LinuxCheck - linux信息收集脚本主要用于应急响应
rpi-backup - RaspberryPi Backup shell
smokeping-onekey -
docker-ss-tproxy - ss-redir 全局透明代理 (REDIRECT + TPROXY)
inexistence - I know nothing, you see nothing.
ss-redir-on-raspberry-script -
aria2-bt-tracker - auto update aria2 bt-tracker
awesome-indie-zh - 独立开发/自由职业/远程工作资源列表
MacOS-Security-Baseline - Baseline Security Configuration For MacOS
PwnBox - A VM for RE and Pwn
Kali-install-docker - Docker-ce Install script for Kali
docker-nessus_scanner - Nessus Scanner Docker Image
shadow - Run shadow clones of your system parallely with Docker
Linux-baseline-scan - Linux baseline scan,make sure the host security
kjyw - 快捷运维，代号kjyw，项目基于shell、python，运维脚本工具库，收集各类运维常用工具脚本，实现快速安装nginx、mysql、php、redis、nagios、运维经常使用的脚本等等...
swizzin - A simple, modular seedbox solution
mtprotoproxy-onekey - MTPROTOPROXY EASY TO USE.
neatdns - anti-pollution DNS server
tor-relay-bootstrap-rpi - Script to bootstrap a Debian server to be a set-and-forget Tor relay
tmux-themepack - A pack of various Tmux themes.
dots - My dotfiles (still a WIP)
iso-profiles - This is a mirror repo of iso-profiles
MTProxy-Bash - MTProxy 一键搭建管理脚本
Deepin-Apps-Installation - 本仓库介绍如何在基于Ubuntu的系统上安装Deepin移植的软件。This repo shows how to install apps packaged by Deepin.
rpi_backup_script - 树莓派备份脚本，备份出来的img可以当做系统镜像分发
fonts - Patched fonts for Powerline users.
arch4edu - Archlinux and ArchlinuxARM Repository for Education
scripts - Scripts do automation works.
vulstudy - 使用docker快速搭建各大漏洞学习平台，目前可以一键搭建12个平台。
aui - Archlinux Ultimate Install
v2ray - 最好用的 V2Ray 一键安装脚本 & 管理脚本
setmac - dhcp网络通过随机mac刷新ip
sandmap - Nmap on steroids! Simple CLI with the ability to run pure Nmap engine, 31 modules with 459 scan profiles.
spaceship-prompt - 🚀⭐ A Zsh prompt for Astronauts
openwrt-fanqiang - 最好的路由器翻墙、科学上网教程—OpenWrt—shadowsocks
optimize-ubuntu - Optimize Ubuntu for usability, security, privacy and stability
AutoNSE - Massive NSE (Nmap Scripting Engine) AutoSploit and AutoScanner
ant - Linux服务器信息收集脚本
blocklist-ipsets - ipsets dynamically updated with firehol's update-ipsets.sh script
Block-IPs-from-countries - A linux bash script help you block or unblock IPs from countries
raspbian-ss - Transparent proxy server (use shadowsocks & chinadns) on raspberry pi
asus-v2ray-transparent-proxy - transparent proxy with v2ray, iptables, ipset 无线路由器 v2ray 透明代理
dotfiles-and-scripts - 🎣 Dotfiles and scripts providing ArchLinux one-stop installation, cumbersome configure details and other senseless stuff. Archlinux安装脚本，以及其他一些无聊的配置文件
twisted-honeypots - SSH, FTP and Telnet honeypots based on Twisted
ArchWSL - ArchLinux as a WSL Instance. Supports multiple install.
aqi-share - A platform for sharing aqi data from the folks
filebrowser - Filebrowser 一键安装脚本
lnmp - Auto compile and install LNMP/LNMPA/LAMP on CentOS/RHEL/Fedora/Aliyun/Amazon,Debian/Ubuntu/Raspbian/Deepin/Mint Linux. Easy install,upgrade and use.
CloudFlare_DNS_Record - Script to modify DNS Record via CloudFlare
official-images - Primary source of truth for the Docker "Official Images" program
docker-handbook - Docker handbook
WhatCMS - CMS Detection and Exploit Kit based on Whatcms.org API
follow-me-install-kubernetes-cluster - 和我一步步部署 kubernetes 集群
awesome-cheatsheets - 超级速查表 - 编程语言、框架和开发工具的速查表，单个文件包含一切你需要知道的东西 ⚡
defender - simple scripts to provide defence
one-key-kms - 在Linux上一键搭建KMS服务器
docker-elk - The ELK stack powered by Docker and Compose.
private-tor-network - Run an isolated instance of a tor network in Docker containers
net_guard - A command line tool to detect new unknown device in your network using ARP protocol
windows-ova - Self-Installing Windows OVA. Automate and distribute Windows as an OVA.
ss-panel-and-ss-py-mu - SS Panel V3 前端/节点端安装脚本，及相关附属工具管理
lkl_study - study the LKL(linux kernel library) https://github.com/lkl/linux
jenv - Java enVironment Manager
LinEnum - Scripted Local Linux Enumeration & Privilege Escalation Checks
ZBench - 又一个Linux VPS测评脚本
GoogleVoice -
ss-tproxy - SS/SSR/V2Ray/Socks5 透明代理 for Linux
contact.sh - An OSINT tool to find contacts in order to report security vulnerabilities.
CCKiller - Linux轻量级CC攻击防御工具脚本
V2Ray_ws-tls_bash_onekey - V2Ray Nginx+vmess+ws+tls/ http2 over tls 一键安装脚本
mac-setup - Installing Development environment on macOS
ida_for_mac_green - IDA Pro for macOS绿化
Husky - k8s 离线部署脚本
docker-android - Android in docker solution with noVNC supported and video recording
qubes-install - Install programs in Qubes OS easily
CVE-2017-13089 - PoC for wget v1.19.1
Bash - Bash.
ctf-tools - Some setup scripts for security research tools.
k8s-snowflake - Configs and scripts for bootstrapping an opinionated Kubernetes cluster anywhere.
AWSScripts - Various AWS Automation Scripts
blockstack - Docker image for Blockstack
apache-ultimate-bad-bot-blocker - Apache Block Bad Bots, (Referer) Spam Referrer Blocker, Vulnerability Scanners, Malware, Adware, Ransomware, Malicious Sites, Wordpress Theme Detectors and Fail2Ban Jail for Repeat Offenders
pentestpackage - a package of Pentest scripts I have made or commonly use
Anti-DDOS - 🔒 Anti DDOS | Bash Script Project 🔒
CobaltStrike-ToolKit - Some useful scripts for CobaltStrike
unix-privesc-check - Automatically exported from code.google.com/p/unix-privesc-check
Git_Pentesting_Toolkit - Exploit pack for pentesters and ethical hackers.
raspi3-image-spec - contains the files to build the https://wiki.debian.org/RaspberryPi3 image
aria2-static-builds - aria2 static builds for GNU/Linux & Windows (with OpenSSL).
SeedboxCreationScript - Scripts and related items for creating a fully featured Seedbox on various Linux platforms.
docktorrent - ⚡ Full-featured BitTorrent box runs on Docker
sboxsetup -
rutorrent-auto-installer-centos - ruTorrent Auto Installer Script for CentOS and Debian
AtoMiC-ToolKit - AtoMiC Toolkit simplifies HTPC / Home Server setup and management on Ubuntu and Debian variants including Raspbian. It currently supports: Couchpotato, Deluged, Emby, FFmpeg, Headphones, Htpcmanager, Jackett, Kodi, Lazylibrarian, Madsonic, Mono, Mylar, Nzbget, Nzbhydra, NzbToMedia, Ombi, Plex, Plexpy, Pyload, qBittorrent, Radarr, Sabnzbd+, Sickgear, Sickrage, Sonarr, Subsonic, Transmission, Unrar, Watcher, and Webmin.
RpiProxy - Make a Raspberry PI as a proxy route, work with shadowsocks server, provide clean dns/proxy service
uml -
FlarumChina - Flarum 中文优化版
lowendscript - Bash scripts to set up/bootstrap low end virtual servers
VDVESTA - Welcome to VDVESTA, a shell script auto Custom & Install VESTACP for your CentOS Server Release 7 x86_64. Thanks you for using!
ssss - Stupid Simple Seedbox Script
rtinstall -
dockerfiles - Discontinued. Fork at your will.
swerpbox - SwerpBox, a seedbox and Media Center combined with the power of 🐳 Docker.
seedbox - Docker containers for running a seedbox/media server
ipv6_dhclient_online_net - seedbox一键脚本 Deluge+Flexget,rutorrent, rtorrent + ruTorrent,Transmission+Flexget,FTP,VPN,VNC,SSH Proxy,Rapidleec
seedbox - rTorrent + ruTorrent + Webserver + XMLRPC-C (un)installation script
Seedbox-installer - Preparing and installing a fully seedbox server (Plex Media Server + Sonarr/Radarr or SickRage/CouchPotato + Transmission or rTorrent/ruTorrent + Jackett + Tautulli)
docker-rtorrent-rutorrent -
seedbox - ruTorrent - rTorrent - libTorrent - nginx - php-fpm + HTTPS(TLS)
rutorrent-essential - Auto install script for rTorrent with ruTorrent
arch-rtorrentvpn - Docker build script for Arch Linux base with ruTorrent, rTorrent, Flood, Privoxy and OpenVPN
pimp-my-box - 🌱 Automated seedbox install of rTorrent-PS and PyroScope CLI etc. via Ansible.
rutorrent-bonobox - Auto install script for rTorrent with ruTorrent
Rtorrent-Auto-Install - Auto install script for rtorrent with Rutorrent as GUI.
rtinst - seedbox installation script for Ubuntu and Debian systems
gfwlist2privoxy - 将 gfwlist.txt（Adblock Plus 规则）转换为 privoxy.action
vps2arch - The fastest way to convert a VPS to Arch Linux!
docker-transmission-openvpn - Docker container running Transmission torrent client with WebUI over an OpenVPN tunnel
china-operator-ip - **运营商IP地址库-每日更新
searx-with-dnscrypt - Searx metadata search engine meets dnscrypt in Docker
script - Some Linux scripts
adapta-kde - Adapta KDE customization
centminmod - CentOS Shell menu based Nginx LEMP web stack auto installer (GPLv3 licensed)
RevokeChinaCerts - Revoke China certificates.
SELKS - A Suricata based IDS/IPS distro
dcs-tools - Tools for making remote Linux node management easy
make-ngrok - One bash to rule ngrok all. 一键编译 Ngrok 全平台客户端。
LinuxShellScript - LinuxShell编程笔记
blackip - Blacklist IPs for Ipset or Squid
RaspberryPi-script - RaspberryPi 2-B script
alpine-caddy - Alpine Linux Docker Container running Caddyserver
Caddy-Web-Server-Installer - Script to manage Caddy web server
docker-arm - Build Docker and Swarm on an ARM SoC like the Raspberry Pi
docker-pan - Docker:Filerun+AriaNg+Aria2,Personal cloud disk 搭建个人的可离线云盘
CharlesScripts - My awesome scripts for Arch Linux or Ubuntu Gnome latest LTS or MacBook.
cs-suite - Cloud Security Suite - One stop tool for auditing the security posture of AWS/GCP/Azure infrastructure.
whois.sh - A light weight whois tools written by shell.
streisand - Streisand sets up a new server running your choice of WireGuard, OpenConnect, OpenSSH, OpenVPN, Shadowsocks, sslh, Stunnel, or a Tor bridge. It also generates custom instructions for all of these services. At the end of the run you are given an HTML file with instructions that can be shared with friends, family members, and fellow activists.
Vultr-SS-Firewall - 一整套网络加速方案(SS)，速度，安全，便捷面面俱到，操作简单，适合非IT专业人士
macos-virtualbox-vm - Instructions and script to help you create a VirtualBox VM running macOS.
eternal_scanner - An internet scanner for exploit CVE-2017-0144 (Eternal Blue) & CVE-2017-0145 (Eternal Romance)
Easy-V2ray - 简单的V2ray一键配置包，小白也能简单上手。
acme.sh - A pure Unix shell script implementing ACME client protocol
programmer-job-blacklist - 🙈程序员找工作黑名单，换工作和当技术合伙人需谨慎啊更新有赞
one-key-ikev2-vpn - A bash script base on Centos or Ubuntu help you to create IKEV2/L2TP vpn.
ScanCannon - Combines the speed of masscan with the reliability and detailed enumeration of nmap
eazy-for-ss - A Bypassgfw Collection
EasySeedbox - Easy Seedbox is an unobtrusive transmission seedbox installation script for Ubuntu and Debian systems
install-transmission - Transmission Install Script (CentOS)
Ocserv-install-script-for-CentOS-RHEL-7 - Ocserv(AnyConnect Server) install script for CentOS/RHEL 7
Linux-Tutorial - 《Java 程序员眼中的 Linux》
shell-scripts - Linux Shell Scripts
ssr-finalspeed-server-docker -
ssr-with-net-speeder - Shadowsocksr with net speeder
ssr-bbr-docker - Dockerfile for ssr+bbr_powered
Fail2ban - 最简单的防止SSH暴力破解的脚本
YankeeBBR - 来自Loc大佬Yankee魔改的BBR的Debian一键安装包
PowerShellEmpireDocker - PowerShell Empire docker build
setup-ipsec-vpn - Scripts to build your own IPsec VPN server, with IPsec/L2TP and Cisco IPsec on Ubuntu, Debian and CentOS
docker-ipsec-vpn-server - Docker image to run an IPsec VPN server, with IPsec/L2TP and Cisco IPsec
oh-my-zsh - 🙃 A delightful community-driven (with 1,300+ contributors) framework for managing your zsh configuration. Includes 200+ optional plugins (rails, git, OSX, hub, capistrano, brew, ant, php, python, etc), over 140 themes to spice up your morning, and an auto-update tool so that makes it easy to keep up with the latest updates from the community.
openvpn-install - Set up your own OpenVPN server on Debian, Ubuntu, Fedora, CentOS or Arch Linux.
Resilio-Sync - Resilio Sync一键安装脚本
ReverseAPK - Quickly analyze and reverse engineer Android packages
PNP-PortableHackingMachine - This script will convert your Raspberry Pi 3 into a portable hacking machine.
anarchy-linux - Anarchy Linux - An Arch Based Distro
caddy-docker - Docker container for Caddy
GooGle-BBR - GooGle开源TCP加速算法
dropkick.sh - Detect and disconnect hidden WiFi cameras in that AirBnB you're staying in
hosts - 已停更
borg-backup.sh - A simple shell script for driving BorgBackup
borg-cron-helper - Helper shell scripts for BorgBackup to automate backups and make your life easier… 😉
CustomDebian - script to build your custom live Debian
openvpn-install - OpenVPN road warrior installer for Debian, Ubuntu and CentOS
linux-live - Linux Live Kit
remastersys - Remastersys Tool for Backup Your Ubuntu System
debian-custom-iso-scripts - These are scripts I made to help with the design and customization of a Debian ISO (Primarily WeakerThan Linux)
STIG-4-Debian - Security Technical Implementation Guide for Debian
hack_tools_for_me - 自己为了方便收集的小工具
bash-powerline - Powerline-style Bash prompt in pure Bash script. See also https://github.com/riobard/zsh-powerline
parsing-techniques - 📕 parsing techniques 中文译本——《解析技术》
Awesome-Shadowsocks-Qt5-Installation-on-Debian - Installation Script For shadowsocks-Qt5 on Debian
infinality-debian-package - Necessary files and scripts to build Infinality for Debian
Zeus - AWS Auditing & Hardening Tool
Arch-Linux-Installer - Arch-Linux-Install-Script/Arch Linux 安装脚本
Woobuntu -
elasticsearch-definitive-guide-cn - Elasticsearch权威指南中文版
Auto-Root-Exploit - Auto Root Exploit Tool
LazyDroid - bash script to facilitate some aspects of an Android application assessment
astroid - ASTROID v 1.2 bypass most A.V softwares
jboss-autopwn - A JBoss script for obtaining remote shell access
android-security-awesome - A collection of android security related resources
vpn - vpn一键安装包
GitTools - A repository with 3 tools for pwn'ing websites with .git repositories available
across - Across the Great Wall we can reach every corner in the world
awesome-ci - Awesome Continuous Integration - Lot's of tools for git, file and static source code analysis.
oh-my-shadowsocks - shadowsocks config on server, supervisor support
OSINT_Script -
dumbpentester - Fire and forget pentest script automating the finding of all vulns which can be found automaticaly
linux-exploit-suggester - Linux privilege escalation auditing tool
Meterpreter_Paranoid_Mode-SSL - Meterpreter Paranoid Mode - SSL/TLS connections
ssh-mitm - SSH man-in-the-middle tool
sof-elk - Configuration files for the SOF-ELK VM, used in SANS FOR572
kubernetes-handbook - Kubernetes中文指南/云原生应用架构实践手册 - https://jimmysong.io/kubernetes-handbook
build-linux - A short tutorial about building Linux based operating systems.
Goohak - Automatically Launch Google Hacking Queries Against A Target Domain
sn1per-docker - Dockerized version of Sn1per (https://github.com/1N3/Sn1per)
FakeImageExploiter - Use a Fake image.jpg (hide known file extensions) to exploit targets
git-remote-gcrypt - PGP-encrypted git remotes
zsh-iterm-touchbar - Display feedback of terminal in the 🍏 Touchbar
Pentest-Scripts - Github for the scripts utilised during Penetration test
E2P - Email 2 Post: 监测并解析博客管理员邮件，自动部署博文，更新博客。（针对hexo博客系统）
Hack - A typeface designed for source code
docker-gitlab - Dockerized GitLab
dnspop - Analysis of DNS records to find popular trends
Benchmarks - 常用服务器、数据库、中间件安全配置基线 - 基本包括了所有的操作系统、数据库、中间件、网络设备、浏览器，安卓、IOS、云的安全配置 For benchmarks.cisecurity.org
vulhub - Pre-Built Vulnerable Environments Based on Docker-Compose
GhostInTheNet - Ultimate Network Stealther that makes Linux a Ghost In The Net and protects from MITM/DOS/scan
Ubuntu-Telemetry-Free-Privacy-Secure - This Bash script just removes a pre-installed Telemetry, a pre-installed software and libs with some potentional or high risk. Script removes them to make your experience better and more secure. Also, the script installs an additional software for the protection. You will find more advices in Readme file about "what you can do more".
arm-docker-fixes - Scripts and hotfixes to fix some issues with Docker on ARM devices
misp-book - User guide of MISP
Sn1per - Automated pentest framework for offensive security experts
kodachi - Linux Kodachi operating system is based on Xubuntu 18.04 it will provide you with a secure, anti-forensic, and anonymous operating system considering all features that a person who is concerned about privacy would need to have in order to be secure.
ccrm - 新手检测树莓派国内源脚本
payloads - Git All the Payloads! A collection of web attack payloads.
myPiLFS - linux from scratch (lfs) on raspberry pi
pwnbox - Docker container with tools for binary reverse engineering and exploitation.
ip2hosts - Dirty bash script to obtain hosts given an IP address
snuff - Automate ARP poisoning, ssltrip, and ettercap.
crypscan - A suite of tools for cryptographic analysis developed with system administrators in mind.
testssl.sh - Testing TLS/SSL encryption anywhere on any port
OnLive - Onlive Firmware Dumps
graudit - grep rough audit - source code auditing tool
nomohead - Simple Bash script that announces IP Address and ngrok tunnel of Raspberry Pi at boot
ngrok-script - A script to run local ngrok client for linux and windows
AShell - 开发者常用脚本shell
n - Node version management
bash-it - A community Bash framework.
ubuntu-configuration - Configuration of Debian based OS, such as: Ubuntu, Mint, and Elementary OS
config-ubuntu - Quickly Setup Ubuntu Desktop or Server with all-in-one Bash Scripts.
VulApps - 快速搭建各种漏洞环境(Various vulnerability environment)
cc_iptables - 收集处理DDOS、CC攻击各类脚本，包括NGINX日志中的CC攻击IP处理。
EasyKit - Rootkit developed via Shell

Smali

SigKill - 一键绕过App签名验证
AhMyth-Android-RAT - Android Remote Administration Tool

Smarty

SSPanel-Uim - SSPanel V3 魔改再次修改版

SourcePawn

awvs_script_decode - 解密好的AWVS10.5 data/script/目录下的脚本

Swift

mas - 📦 Mac App Store command line interface
EFResume - Emmmmmn, a normal resume templete in Swift.
iOS-Weekly - 🇨🇳 老司机 iOS 周报
iOSAppHook - 专注于非越狱环境下iOS应用逆向研究，从dylib注入，应用重签名到App Hook
ARGitHubCommits - Show your GitHub commit records in 3D with ARKit and SceneKit. 用 ARKit 展示你的 GitHub 提交图
iInjection -
NEKit - A toolkit for Network Extension Framework
v2ex - The unofficial V2EX app for iOS

TSQL

nebula - "星云"业务风控系统，主工程
java-exam - Java实现的包含题库编辑、抽题组卷、试题分析、在线考试等模块的Web考试系统。
app-env-docker - 基于 Docker 的真实应用测试环境
docker - FileRun Docker Image

Tcl

TCLtools - Сollection of TCL scripts for Cisco IOS penetration testing

TeX

pandoc-latex-template - A pandoc LaTeX template to convert markdown files to PDF or LaTeX.
LaTeX_generate_Chinese_resume - 用LaTeX制作优雅的中文个人简历，适合IT从业者。FontAwesome字体+Adobe字体+有照片和无照片版本，总有一款适合你。
latex - 这是一个latex的个人简历排版与前端各类学习站点仓库
WanHuCV - LaTeX Template for Curriculum Vitæ 个人中英文简历 LaTeX 模板
cv_resume - A latex cv/resume template.
nndl - Another Chinese Translation of Neural Networks and Deep Learning
deeplearningbook-chinese - Deep Learning Book Chinese Translation
awesome-tls-security - A collection of (not-so, yet) awesome resources related to TLS, PKI and related stuff
Ankihelp - LaTeX 排版的中文 Anki 手册
RE-for-beginners - "Reverse Engineering for Beginners" free book
typeset -

TypeScript

lit-html - An efficient, expressive, extensible HTML templating library for JavaScript.
terminus - A terminal for a more modern age
layout-ui - 可视化布局纯css布局 Layout-UI
storybook - UI component dev & test: React, Vue, Angular, React Native, Ember, Web Components & more!
Mob - Mob - 一个有颜值的喜马拉雅桌面客户端，支持 Mac、Win 和 Linux
avataaars-generator - Simple generator React app for avataaars
aptmap - A map displaying threat actors from the misp-galaxy
chord - Chord - A Modern Music Player
CopyTranslator - Foreign language reading and translation assistant based on copy and translate.
DesktopNaotu - 桌面版脑图 (百度脑图离线版，思维导图) 跨平台支持 Windows/Linux/Mac OS. (A cross-platform multilingual Mind Map Tool)
Imagine - 🖼️ PNG/JPEG optimization app for macOS, Windows and Linux.
node-tap - 基于TypeScript实现的开源SSTap
outline-client - Outline clients, developed by Jigsaw. The Outline clients use the popular Shadowsocks protocol, and lean on the Cordova and Electron frameworks to support Windows, Android / ChromeOS, Linux, iOS and macOS.
outline-server - Outline Manager, developed by Jigsaw. The Outline Manager application creates and manages Outline servers, powered by Shadowsocks. It uses the Electron framework to offer support for Windows, macOS and Linux.
MemcacheDos - Memcache 反射DDOS攻击脚本经供学习参考使用
Scout - 可能是东半球最灵活的 URL 监控系统
clover - Shadowsocks and v2ray User Interface
oni - Oni: Modern Modal Editing - powered by Neovim
uProxy-p2p - Internet without borders
jigsaw - Jigsaw七巧板 provides a set of web components based on Angular5+. The main purpose of Jigsaw is to help the application developers to construct complex & intensive interacting & user friendly web pages. Jigsaw is supporting the development of all applications of Big Data Product of ZTE.
learn-anything - Organize world's knowledge, explore connections and curate learning paths
octohint - The missing IntelliSense hint for GitHub and GitLab

Vim script

vim-color-forest-night - 🌲 Comfortable & Pleasant Color Scheme for Vim, Zsh and Terminal Emulators
vim-vide - Lightest vimrc, while strong enough. 最轻的vim配置，却足够强！
ThinkVim - 🐉 A dark powerd nvim config
vim-web - ◈ 搞得像IDE一样的Vim，安装配置自己的Vim。
manjaro-linux-config - configuration for manjaro linux
dotfiles - i3-gaps Dark Acid
neomake-multiprocess - A vim plugin for running multiple process asynchronously base on neomake.
vimrc-config - re-vim: sensible vim configuration
vim-galore-zh_cn - Vim 从入门到精通
dotfiles - A set of vim, zsh, git, and tmux configuration files.
k-vim - vim配置

VimL

vim-colors-solarized - precision colorscheme for the vim text editor

Visual Basic

chatter - internet monitoring osint tool for windows
dnmp - docker-compose部署LNMP环境 Nginx(Openresty)、MySQL5.7、PHP7.2(5.6)、Redis5.0、PHPMyAdmin、Xdebug
subdomain-bruteforce - a subdomain brute forcing tool for windows
Windows_Privilege_Escalation - The memory of a generation of script kid.
Winapp2 - A database of extended cleaning routines for popular Windows PC based maintenance software.
revbshell - ReVBShell - Reverse VBS Shell
XBurpCrack - This is a tool to bypass the cracked version of the burpsuite_pro(Larry_Lau) certification deadline through time reversal.
PlasmaRAT - Remote Access Trojan(RAT), Miner, DDoS
StarFighters - A JavaScript and VBScript Based Empire Launcher, which runs within their own embedded PowerShell Host.
VBSMeter - VBS Reversed TCP Meterpreter Stager
ISPiggy - Decentralized DNS fuzzer to mitigate ISP Snooping

Vue

baidupcs-web -
LiveEducation - 南开大学&计蒜客2017夏季实训光宗耀组小组项目——教育直播平台
ethereum_book - 精通以太坊（中文版）
GantTask - 甘特图任务管理器 - 适合新手学习的 Vue 完整案例
logoly - A Pornhub Flavour Logo Generator
v-region - A simple region cascade selector, provide 4 levels Chinese administrative division data
WordCards -
vue-cli3.0-vueadmin - 基于vue-cli3.0+vue+elementUI+vuex+axios+权限管理的后台管理系统
DNS-Analysis - 非法域名挖掘与画像系统。
VBlog - 使用GitHub API 搭建一个可动态发布文章的博客
PicGo - 🚀A simple & beautiful tool for pictures uploading built by electron-vue
penework - Penetration Test Framwork
geek-navigation - ⭐极客猿梦导航，分动态导航（数据库）版本和静态导航（JSON文件）版本，线上地址：[http://navigate.ym1024.com/]
Hawkeye - GitHub 泄露监控系统(GitHub Sensitive Information Leakage Monitor Spider)
Yearning - Mysql web端sql审核平台
tank-front - 蓝眼系列软件之《蓝眼云盘》前端项目
zee.kim_v4 - 个人网站之 <幸福彼岸 />（此版本已废弃）
Aoba - Create a lovely resume just with a config file.
docup - The easiest way to write beautiful docs.
linux_kernel_cves - Tracking CVEs for the linux Kernel
last-blog - 仿GitHub风格个人博客, vue+vuex+koa+mongodb
at-ui - A fresh and flat UI-Kit specially for desktop application, made with ♥ by Vue.js 2.0
tool-playground - puzzle
iview - A high quality UI Toolkit built on Vue.js 2.0
tong2-family - 基于vue、vuex、vue-router、echarts的数据可视化展示平台

XSLT

nmap-bootstrap-xsl - A Nmap XSL implementation with Bootstrap.
pentest_compilation - Compilation of commands, tips and scripts that helped me throughout Vulnhub, Hackthebox, OSCP and real scenarios

YARA

riskdetect - 恶意软件以及webshell检测
rules - Repository of yara rules
APKiD - Android Application Identifier for Packers, Protectors, Obfuscators and Oddities - PEiD for Android
signature-base - Signature base for my scanner tools

Zeek

Threat-Intelligence-Data - Snort_rules detection bad actors.

nesC

TinyOS_IDS - A IDS system for WSN based on CTP and TinyOS

License

To the extent possible under law, udpsec has waived all copyright and related or neighboring rights to this work.

threeape / awesome-hacking-lists Goto Github PK

awesome-hacking-lists's Introduction

Awesome Stars

Contents

ASP

Arduino

Assembly

AutoHotkey

AutoIt

Batchfile

C

C#

C++

CSS

CoffeeScript

Dockerfile

Emacs Lisp

Erlang

Game Maker Language

Go

HTML

Haskell

Java

JavaScript

Jupyter Notebook

KiCad

Kotlin

Logos

Lua

M

Makefile

Markdown

Mask

Max

Nginx

Objective-C

Objective-C++

Others

PHP

PLpgSQL

Pascal

Perl

PostScript

PowerShell

Python

Rich Text Format

Roff

Ruby

Rust

Shell

Smali

Smarty

SourcePawn

Swift

TSQL

Tcl

TeX

TypeScript

Vim script

VimL

Visual Basic

Vue

XSLT

YARA

Zeek

nesC

License

awesome-hacking-lists's People

Contributors

Stargazers

Watchers

Recommend Projects

Recommend Topics

Recommend Org