Skip to content

Reverse Engineering Resources About All Platforms(Windows/Linux/macOS/Android/iOS/IoT) And Every Aspect! (More than 4600 open source tools)

Notifications You must be signed in to change notification settings

erossgg/awesome-reverse-engineering

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

所有收集类项目:

  • 收集的所有开源工具: 超过18K, 包括Markdown和Json两种格式
  • 逆向资源: IDA/Ghidra/x64dbg/OllDbg/WinDBG/CuckooSandbox/Radare2/BinaryNinja/DynamoRIO/IntelPin/Frida/QEMU/Android安全/iOS安全/Window安全/Linux安全/macOS安全/游戏Hacking/Bootkit/Rootkit/Angr/Shellcode/进程注入/代码注入/DLL注入/WSL/Sysmon/...
  • 网络相关的安全资源: 代理/GFW/反向代理/隧道/VPN/Tor/I2P,以及中间人/PortKnocking/嗅探/网络分析/网络诊断等
  • 攻击性网络安全资源: 漏洞/渗透/物联网安全/数据渗透/Metasploit/BurpSuite/KaliLinux/C&C/OWASP/免杀/CobaltStrike/侦查/OSINT/社工/密码/凭证/威胁狩猎/Payload/WifiHacking/无线攻击/后渗透/提权/UAC绕过/...

ReverseEngineering

  • 跟逆向有关的资源收集。当前包括的工具个数4600+,并根据功能进行了粗糙的分类。部分工具添加了中文描述。当前包括文章数600左右。
  • 此页只包含部分内容. 查看完整版

说明

EnglishVersion

目录

TODO

  • 对工具进行更细致的分类
  • 为工具添加详细的中文描述,包括其内部实现原理和使用方式
  • 添加非Github repo
  • 补充文章
  • 修改已添加文章的描述

IDA


插件&&脚本

  • 以Github开源工具为主

新添加的

未分类

  • [1058星][9d] [Py] fireeye/flare-ida 多工具
    • StackStrings 自动恢复手动构造的字符串
    • Struct Typer implements the struct typing described here
    • ApplyCalleeType specify or choose a function type for indirect calls as described here
    • argtracker 识别函数使用的静态参数
    • idb2pat FLIRT签名生成
    • objc2_analyzer 在目标Mach-O可执行文件的与Objective-C运行时相关的部分中定义的选择器引用及其实现之间创建交叉引用
    • MSDN Annotations 从XML文件中提取MSDN信息,添加到IDB数据库中
    • ironstrings 使用代码模拟执行(flare-emu), 恢复构造的字符串
    • Shellcode Hashes 生成Hash数据库
  • [737星][7m] [Py] devttys0/ida IDA插件/脚本/模块收集
    • wpsearch 查找在MIPS WPS checksum实现中常见的立即数
    • md5hash 纯Python版的MD5 hash实现(IDA的hashlib有问题)
    • alleycat 查找向指定的函数内代码块的路径、查找两个或多个函数之间的路径、生成交互式调用图、可编程
    • codatify 定义IDA自动化分析时miss的ASCII字符串、函数、代码。将data段的所有未定义字节转换为DWORD(于是IDA可识别函数和跳转表指针)
    • fluorescence 高亮函数调用指令
    • leafblower 识别常用的POSIX函数:printf, sprintf, memcmp, strcpy等
    • localxrefs 在当前函数内部查找所有对任意选择文本的引用
    • mipslocalvars 对栈上只用于存储寄存器的变量进行命名,简化栈数据分析(MISP)
    • mipsrop 在MIPS可执行代码中搜寻ROP。查找常见的ROP
    • rizzo 对2个或多个IDB之间的函数进行识别和重命名,基于:函数签名、对唯一字符串/常量的引用、模糊签名、调用图
  • [318星][2m] [C] ohjeongwook/darungrim 软件补丁分析工具
  • [277星][4m] [Py] jpcertcc/aa-tools 多脚本

结构体&&类的检测&&创建&&恢复

未分类

C++类&&虚表

  • [607星][3m] [Py] 0xgalz/virtuailor 利用IDA调试获取的信息,自动创建C++的虚表
    • 重复区段: IDA->插件->调试->调试数据 |

      查看详情

      静态部分:

      • 检测非直接调用
      • 利用条件断点, Hook非直接调用的值赋值过程

      动态 部分

      • 创建虚表结构
      • 重命名函数和虚表地址
      • 给反汇编非直接调用添加结构偏移
      • 给非直接调用到虚表之间添加交叉引用

      使用

      • File -> Script File -> Main.py(设置断点) -> IDA调试器执行

收集

外观&&主题

固件&&嵌入式设备

签名(FLIRT等)&&比较(Diff)&&匹配

未分类

FLIRT签名

FLIRT签名收集
FLIRT签名生成

Diff&&Match工具

Yara

IDB操作

协作逆向&&多人操作相同IDB文件

与调试器同步&&通信&&交互

导入导出&与其他工具交互

未分类

Ghidra

BinNavi

BinaryNinja

Radare2

Frida

IntelPin

针对特定分析目标

未分类

Loader&Processor

GoLang

Windows驱动

PS3&&PS4

PDB

Flash&&SWF

特定样本家族

CTF

IDAPython本身

未分类

cheatsheets

指令参考&文档

辅助脚本编写

未分类

Qt

控制台&&窗口界面

  • [269星][30d] [Py] eset/ipyida 集成IPython控制台

插件模板

其他语言

古老的

调试&&动态运行&动态数据

未分类

DBI数据

调试数据

  • [607星][3m] [Py] 0xgalz/virtuailor 利用IDA调试获取的信息,自动创建C++的虚表

    • 重复区段: IDA->插件->结构体->C++类 |

      查看详情

      静态部分:

      • 检测非直接调用
      • 利用条件断点, Hook非直接调用的值赋值过程

      动态 部分

      • 创建虚表结构
      • 重命名函数和虚表地址
      • 给反汇编非直接调用添加结构偏移
      • 给非直接调用到虚表之间添加交叉引用

      使用

      • File -> Script File -> Main.py(设置断点) -> IDA调试器执行
  • [386星][5m] [Py] ynvb/die 使用IDA调试器收集动态运行信息, 辅助静态分析

反编译器&&AST

反混淆

效率&&导航&&快速访问&&图形&&图像&&可视化

其他

显示增强

图形&&图像

  • [2569星][5m] [Java] google/binnavi 二进制分析IDE, 对反汇编代码的控制流程图和调用图进行探查/导航/编辑/注释.(IDA插件的作用是导出反汇编)

搜索

Android

Apple&&macOS&&iXxx&&Objective-C&&SWift&&Mach-O

未分类

内核缓存

Mach-O

Swift

ELF

Microcode

模拟器集成

作为辅助&&构成其他的一环

漏洞

未分类

ROP

补丁&&Patch

其他

函数相关

未分类

重命名&&前缀&&标记

导航&&查看&&查找

demangle

污点分析&&符号执行

字符串

加密解密


文章

新添加的

未分类

Tips&&Tricks

系列文章-Labeless插件介绍

系列文章-使用IDA从零开始学逆向

系列文章-IDAPython-让你的生活更美好

原文

译文

系列文章-使用IDA逆向C代码

工具&&插件&&脚本介绍

未分类

Loader&&Processor

与其他工具交互

翻译-TheIDAProBook

翻译-ReverseEngineeringCodeWithIDAPro

IDA本身

逆向实战

未分类

恶意代码分析

漏洞分析&&挖掘

Microcode

IDA对抗

Ghidra


插件&&脚本

Ghidra

新添加的

特定分析目标

未分类

Loader&&Processor

Xbox

与其他工具交互

未分类

Radare2

IDA

DBI

调试器

外观&&主题

脚本编写

其他

编程语言


文章&&视频

新添加的1

新添加的

Ghidra漏洞

实战分析

未分类

漏洞分析&&挖掘

恶意代码

其他

Tips&&Tricks

工具&&插件&&脚本

x64dbg


插件&&脚本

x64dbg

  • [34576星][26d] [C++] x64dbg/x64dbg Windows平台x32/x64调试器

新添加的


文章&&视频

OllyDbg


插件&&脚本

新添加的


文章&&视频

WinDBG


插件&&脚本

新添加的


文章&&视频

Android


工具

新添加的1

  • [6101星][2m] [Java] google/android-classyshark 分析基于Android/Java的App或游戏
  • [6094星][5m] [Java] qihoo360/replugin RePlugin - A flexible, stable, easy-to-use Android Plug-in Framework
  • [5195星][11d] [Py] mobsf/mobile-security-framework-mobsf Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.
  • [5084星][7d] [HTML] owasp/owasp-mstg 关于移动App安全开发、测试和逆向的相近手册
  • [4882星][16d] [Java] guardianproject/haven 通过Android应用和设备上的传感器保护自己的个人空间和财产而又不损害
  • [4776星][4d] [C++] facebook/redex Android App字节码优化器
  • [4306星][7d] [Shell] ashishb/android-security-awesome A collection of android security related resources
  • [3649星][1m] [C++] anbox/anbox 在常规GNU / Linux系统上引导完整的Android系统,基于容器
  • [2314星][1y] [Java] csploit/android cSploit - The most complete and advanced IT security professional toolkit on Android.
  • [2120星][9m] [Py] linkedin/qark 查找Android App的漏洞, 支持源码或APK文件
  • [2095星][10m] jermic/android-crack-tool
  • [2051星][13d] [Py] sensepost/objection runtimemobile exploration
  • [2011星][7m] [Py] fsecurelabs/drozer The Leading Security Assessment Framework for Android.
  • [1976星][] [Java] kyson/androidgodeye AndroidGodEye:A performance monitor tool , like "Android Studio profiler" for Android , you can easily monitor the performance of your app real time in pc browser
  • [1925星][7m] [Java] fuzion24/justtrustme An xposed module that disables SSL certificate checking for the purposes of auditing an app with cert pinning
  • [1430星][11m] [Java] aslody/legend (Android)无需Root即可Hook Java方法的框架, 支持Dalvik和Art环境
  • [1417星][1m] [Java] chrisk44/hijacker Aircrack, Airodump, Aireplay, MDK3 and Reaver GUI Application for Android
  • [1241星][3m] [Java] whataa/pandora an android library for debugging what we care about directly in app.
  • [1235星][1m] [Java] find-sec-bugs/find-sec-bugs The SpotBugs plugin for security audits of Java web applications and Android applications. (Also work with Kotlin, Groovy and Scala projects)
  • [1213星][1m] [JS] megatronking/httpcanary A powerful capture and injection tool for the Android platform
  • [1208星][3m] [Java] javiersantos/piracychecker An Android library that prevents your app from being pirated / cracked using Google Play Licensing (LVL), APK signature protection and more. API 14+ required.
  • [1134星][24d] [Java] huangyz0918/androidwm 一个支持不可见数字水印(隐写术)的android图像水印库。
  • [885星][2m] [C] 504ensicslabs/lime LiME (formerly DMD) is a Loadable Kernel Module (LKM), which allows the acquisition of volatile memory from Linux and Linux-based devices, such as those powered by Android. The tool supports acquiring memory either to the file system of the device or over the network. LiME is unique in that it is the first tool that allows full memory captures f…
  • [820星][3d] proxymanapp/proxyman Modern and Delightful HTTP Debugging Proxy for macOS, iOS and Android
  • [810星][4m] [Scala] antox/antox Android client for Project Tox - Secure Peer to Peer Messaging
  • [800星][3m] sh4hin/androl4b 用于评估Android应用程序,逆向工程和恶意软件分析的虚拟机
  • [769星][1y] [C] ele7enxxh/android-inline-hook thumb16 thumb32 arm32 inlineHook in Android
  • [668星][1m] doridori/android-security-reference A W.I.P Android Security Ref
  • [608星][7m] [JS] vincentcox/stacoan StaCoAn is a crossplatform tool which aids developers, bugbounty hunters and ethical hackers performing static code analysis on mobile applications.
  • [559星][6d] [Shell] owasp/owasp-masvs OWASP 移动App安全标准
  • [546星][1m] nordicsemiconductor/android-nrf-connect Documentation and issue tracker for nRF Connect for Android.
  • [541星][1y] [Java] jaredrummler/apkparser APK parser for Android
  • [527星][4m] [JS] wooyundota/droidsslunpinning Android certificate pinning disable tools
  • [518星][3m] [Java] megatronking/stringfog 一款自动对字节码中的字符串进行加密Android插件工具
  • [511星][] [Java] happylishang/cacheemulatorchecker Android模拟器检测,检测Android模拟器 ,获取相对真实的IMEI AndroidId 序列号 MAC地址等,作为DeviceID,应对防刷需求等
  • [482星][1m] [JS] lyxhh/lxhtoolhttpdecrypt Simple Android/iOS protocol analysis and utilization tool
  • [450星][12m] [Kotlin] shadowsocks/kcptun-android kcptun for Android.
  • [443星][23d] [TS] shroudedcode/apk-mitm
  • [431星][5d] [C] guardianproject/orbot The Github home of Orbot: Tor on Android (Also available on gitlab!)
  • [426星][11d] [Py] thehackingsage/hacktronian All in One Hacking Tool for Linux & Android
  • [412星][4m] [Java] megatronking/netbare Net packets capture & injection library designed for Android
  • [409星][3m] [CSS] angea/pocorgtfo a "Proof of Concept or GTFO" mirror with extra article index, direct links and clean PDFs.
  • [408星][1y] [Java] testwhat/smaliex A wrapper to get de-optimized dex from odex/oat/vdex.
  • [379星][5m] [Makefile] crifan/android_app_security_crack 安卓应用的安全和破解
  • [379星][1y] [CSS] nowsecure/secure-mobile-development A Collection of Secure Mobile Development Best Practices
  • [358星][5m] b3nac/android-reports-and-resources A big list of Android Hackerone disclosed reports and other resources.
  • [358星][5m] [C] the-cracker-technology/andrax-mobile-pentest ANDRAX The first and unique Penetration Testing platform for Android smartphones
  • [333星][17d] [Java] datatheorem/trustkit-android Easy SSL pinning validation and reporting for Android.
  • [284星][9m] [Py] micropyramid/forex-python Foreign exchange rates, Bitcoin price index and currency conversion using ratesapi.io
  • [267星][4m] [Py] amimo/dcc DCC (Dex-to-C Compiler) is method-based aot compiler that can translate DEX code to C code.
  • [265星][3d] [Py] den4uk/andriller Andriller - is software utility with a collection of forensic tools for smartphones. It performs read-only, forensically sound, non-destructive acquisition from Android devices.
  • [251星][10m] [C] chef-koch/android-vulnerabilities-overview An small overview of known Android vulnerabilities
  • [234星][2m] [C] grant-h/qu1ckr00t A PoC application demonstrating the power of an Android kernel arbitrary R/W.
  • [234星][1y] [Ruby] hahwul/droid-hunter (deprecated) Android application vulnerability analysis and Android pentest tool
  • [229星][8m] [Java] jieyushi/luffy Android字节码插件,编译期间动态修改代码,改造添加全埋点日志采集功能模块,对常见控件进行监听处理
  • [225星][3m] [Java] virb3/trustmealready Disable SSL verification and pinning on Android, system-wide
  • [208星][18d] [C] derrekr/fastboot3ds A homebrew bootloader for the Nintendo 3DS that is similar to android's fastboot.

新添加的

HotFix

  • [14557星][5d] [Java] tencent/tinker Tinker is a hot-fix solution library for Android, it supports dex, library and resources update without reinstall apk.
  • [3462星][19d] [Java] meituan-dianping/robust Robust is an Android HotFix solution with high compatibility and high stability. Robust can fix bugs immediately without a reboot.
  • [1117星][5m] [Java] manbanggroup/phantom 唯一零 Hook 稳定占坑类 Android 热更新插件化方案

打包

  • [5080星][2m] [Java] meituan-dianping/walle Android Signature V2 Scheme签名下的新一代渠道包打包神器

收集

各类App

Xposed

  • [8756星][1m] [Java] android-hacker/virtualxposed A simple app to use Xposed without root, unlock the bootloader or modify system image, etc.
  • [2559星][7m] taichi-framework/taichi A framework to use Xposed module with or without Root/Unlock bootloader, supportting Android 5.0 ~ 10.0
  • [2034星][4d] [Java] elderdrivers/edxposed Elder driver Xposed Framework.
  • [1726星][1y] [Java] ac-pm/inspeckage Android Package Inspector - dynamic analysis with api hooks, start unexported activities and more. (Xposed Module)
  • [1655星][1m] [Java] tiann/epic Dynamic java method AOP hook for Android(continution of Dexposed on ART), Supporting 4.0~10.0
  • [1296星][1m] [Java] android-hacker/exposed A library to use Xposed without root or recovery(or modify system image etc..).
  • [790星][8m] [Java] blankeer/mdwechat 一个能让微信 Material Design 化的 Xposed 模块
  • [669星][4d] [Java] ganyao114/sandhook Android ART Hook/Native Inline Hook/Single Instruction Hook - support 4.4 - 10.0 32/64 bit - Xposed API Compat
  • [478星][2m] [Java] tornaco/x-apm 应用管理 Xposed
  • [322星][1y] [C] smartdone/dexdump 一个用来快速脱一代壳的工具(稍微改下就可以脱类抽取那种壳)(Android)
  • [309星][25d] bigsinger/androididchanger Xposed Module for Changing Android Device Info
  • [309星][5d] [Java] ganyao114/sandvxposed Xposed environment without root (OS 5.0 - 10.0)
  • [204星][1y] [C] gtoad/android_inline_hook Build an so file to automatically do the android_native_hook work. Supports thumb-2/arm32 and ARM64 ! With this, tools like Xposed can do android native hook.

加壳&&脱壳

  • [1793星][8m] [C++] wrbug/dumpdex Android脱壳
  • [1465星][3m] [C++] vaibhavpandeyvpz/apkstudio Open-source, cross platform Qt based IDE for reverse-engineering Android application packages.
  • [811星][4m] [C] strazzere/android-unpacker Android Unpacker presented at Defcon 22: Android Hacker Protection Level 0
  • [712星][2m] [YARA] rednaga/apkid Android Application Identifier for Packers, Protectors, Obfuscators and Oddities - PEiD for Android
  • [366星][3m] [Java] patrickfav/uber-apk-signer A cli tool that helps signing and zip aligning single or multiple Android application packages (APKs) with either debug or provided release certificates. It supports v1, v2 and v3 Android signing scheme has an embedded debug keystore and auto verifies after signing.
  • [322星][6m] [Shell] 1n3/reverseapk Quickly analyze and reverse engineer Android packages

HOOK

  • [1500星][19d] [C] iqiyi/xhook a PLT (Procedure Linkage Table) hook library for Android native ELF
  • [1494星][t] [C++] jmpews/dobby a lightweight, multi-platform, multi-architecture hook framework.
  • [804星][17d] [C++] aslody/whale Hook Framework for Android/IOS/Linux/MacOS
  • [530星][7m] [Java] aslody/andhook Android dynamic instrumentation framework
  • [361星][8m] [C] turing-technician/fasthook Android ART Hook

Emulator&&模拟器

IDA

Debug&&调试

Malware&&恶意代码

Obfuscate&&混淆

ReverseEngineering


文章&&视频

Apple&&iOS&&iXxx


工具

新添加的

  • [10966星][2d] [ObjC] flipboard/flex An in-app debugging and exploration tool for iOS
  • [8031星][2m] [Py] facebook/chisel Chisel is a collection of LLDB commands to assist debugging iOS apps.
  • [5775星][3m] [ObjC] square/ponydebugger Remote network and data debugging for your native iOS app using Chrome Developer Tools
  • [5451星][3m] [Py] axi0mx/ipwndfu open-source jailbreaking tool for many iOS devices
  • [5390星][5m] [C] pwn20wndstuff/undecimus unc0ver jailbreak for iOS 11.0 - 12.4
  • [4663星][29d] [C] google/ios-webkit-debug-proxy A DevTools proxy (Chrome Remote Debugging Protocol) for iOS devices (Safari Remote Web Inspector).
  • [4397星][4d] [Swift] signalapp/signal-ios A private messenger for iOS.
  • [4248星][8m] [ObjC] alonemonkey/monkeydev CaptainHook Tweak、Logos Tweak and Command-line Tool、Patch iOS Apps, Without Jailbreak.
  • [3686星][4m] [C] facebook/fishhook A library that enables dynamically rebinding symbols in Mach-O binaries running on iOS.
  • [3414星][1m] icodesign/potatso Potatso is an iOS client that implements different proxies with the leverage of NetworkExtension framework in iOS 10+.
  • [3327星][3m] [Swift] yagiz/bagel a little native network debugging tool for iOS
  • [3071星][10m] [JS] jipegit/osxauditor OS X Auditor is a free Mac OS X computer forensics tool
  • [2867星][4d] [ObjC] facebook/idb idb is a flexible command line interface for automating iOS simulators and devices
  • [2795星][16d] [Swift] kasketis/netfox A lightweight, one line setup, iOS / OSX network debugging library!
  • [2753星][1m] [Makefile] theos/theos A cross-platform suite of tools for building and deploying software for iOS and other platforms.
  • [2733星][18d] [ObjC] dantheman827/ios-app-signer This is an app for OS X that can (re)sign apps and bundle them into ipa files that are ready to be installed on an iOS device.
  • [2708星][2m] [ObjC] kjcracks/clutch Fast iOS executable dumper
  • [2057星][11d] [ObjC] ios-control/ios-deploy Install and debug iPhone apps from the command line, without using Xcode
  • [1801星][1y] aozhimin/ios-monitor-platform
  • [1695星][6m] [Py] yelp/osxcollector A forensic evidence collection & analysis toolkit for OS X
  • [1683星][1m] [Swift] pmusolino/wormholy iOS network debugging, like a wizard 🧙‍♂️
  • [1642星][6m] [Objective-C++] tencent/oomdetector OOMDetector is a memory monitoring component for iOS which provides you with OOM monitoring, memory allocation monitoring, memory leak detection and other functions.
  • [1630星][1m] ivrodriguezca/re-ios-apps A completely free, open source and online course about Reverse Engineering iOS Applications.
  • [1442星][20d] [ObjC] nabla-c0d3/ssl-kill-switch2 Blackbox tool to disable SSL certificate validation - including certificate pinning - within iOS and OS X Apps
  • [1299星][5m] [JS] feross/spoof Easily spoof your MAC address in macOS, Windows, & Linux!
  • [1291星][1m] [JS] icymind/vrouter 一个基于 VirtualBox 和 openwrt 构建的项目, 旨在实现 macOS / Windows 平台的透明代理.
  • [1253星][2m] [Vue] chaitin/passionfruit iOSapp 黑盒评估工具。功能丰富,自带基于web的 GUI
  • [1252星][9d] michalmalik/osx-re-101 OSX/iOS逆向资源收集
  • [1239星][t] [C] datatheorem/trustkit Easy SSL pinning validation and reporting for iOS, macOS, tvOS and watchOS.
  • [1215星][8d] [YARA] horsicq/detect-it-easy Program for determining types of files for Windows, Linux and MacOS.
  • [1193星][7d] [JS] alonemonkey/frida-ios-dump pull decrypted ipa from jailbreak device
  • [1113星][1y] [ObjC] neoneggplant/eggshell iOS/macOS/Linux Remote Administration Tool
  • [1001星][2m] [ObjC] lmirosevic/gbdeviceinfo Detects the hardware, software and display of the current iOS or Mac OS X device at runtime.
  • [907星][3m] [ObjC] ptoomey3/keychain-dumper A tool to check which keychain items are available to an attacker once an iOS device has been jailbroken
  • [866星][8d] [ObjC] meitu/mthawkeye Profiling / Debugging assist tools for iOS. (Memory Leak, OOM, ANR, Hard Stalling, Network, OpenGL, Time Profile ...)
  • [840星][] [JS] cypress-io/cypress-example-recipes Various recipes for testing common scenarios with Cypress
  • [796星][5d] [Shell] aqzt/kjyw 快捷运维,代号kjyw,项目基于shell、python,运维脚本工具库,收集各类运维常用工具脚本,实现快速安装nginx、mysql、php、redis、nagios、运维经常使用的脚本等等...
  • [662星][1y] [Py] deepzec/bad-pdf create malicious PDF file to steal NTLM(NTLMv1/NTLMv2) Hashes from windows machines
  • [651星][9m] [ObjC] chenxiancai/stcobfuscator iOS全局自动化 代码混淆 工具!支持cocoapod组件代码一并 混淆,完美避开hardcode方法、静态库方法和系统库方法!
  • [636星][1y] [Swift] phynet/ios-url-schemes a github solution from my gist of iOS list for urls schemes
  • [604星][2m] siguza/ios-resources Useful resources for iOS hacking
  • [500星][19d] [Swift] google/science-journal-ios Use the sensors in your mobile devices to perform science experiments. Science doesn’t just happen in the classroom or lab—tools like Science Journal let you see how the world works with just your phone.
  • [482星][1y] [Swift] icepa/icepa iOS system-wide VPN based Tor client
  • [478星][7d] pixelcyber/thor HTTP Sniffer/Capture on iOS for Network Debug & Inspect.
  • [471星][8m] [C++] everettjf/machoexplorer MachO文件查看器,支持Windows和macOS
  • [462星][7d] [Java] dsheirer/sdrtrunk A cross-platform java application for decoding, monitoring, recording and streaming trunked mobile and related radio protocols using Software Defined Radios (SDR). Website:
  • [430星][11m] captainarash/the_holy_book_of_x86 A simple guide to x86 architecture, assembly, memory management, paging, segmentation, SMM, BIOS....
  • [404星][1y] [C] coalfire-research/ios-11.1.2-15b202-jailbreak iOS 11.1.2 (15B202) Jailbreak
  • [396星][4m] ansjdnakjdnajkd/ios iOS渗透测试最有用的工具
  • [382星][11m] [C] coolstar/electra1131 electra1131: Electra for iOS 11.0 - 11.3.1
  • [375星][20d] [Swift] justeat/justlog JustLog brings logging on iOS to the next level. It supports console, file and remote Logstash logging via TCP socket with no effort. Support for logz.io available.
  • [371星][10d] [Shell] matthewpierson/1033-ota-downgrader First ever tool to downgrade ANY iPhone 5s, ANY iPad Air and (almost any) iPad Mini 2 to 10.3.3 with OTA blobs + checkm8!
  • [349星][11d] [C] jedisct1/swift-sodium Safe and easy to use crypto for iOS and macOS
  • [346星][4m] [TS] bacher09/pwgen-for-bios Password generator for BIOS
  • [340星][2m] [C] trailofbits/cb-multios DARPA Challenges Sets for Linux, Windows, and macOS
  • [322星][2m] [ObjC] auth0/simplekeychain A Keychain helper for iOS to make it very simple to store/obtain values from iOS Keychain
  • [310星][20d] [Swift] securing/iossecuritysuite iOS platform security & anti-tampering Swift library
  • [287星][6m] [Shell] 0ki/mikrotik-tools Tools for Mikrotik devices - universal jailbreak tool
  • [263星][6d] [ObjC] strongbox-password-safe/strongbox A KeePass/Password Safe Client for iOS and OS X
  • [247星][1m] [C++] s0uthwest/futurerestore iOS upgrade and downgrade tool utilizing SHSH blobs
  • [244星][6m] [JS] we11cheng/wcshadowrocket iOS Shadowrocket(砸壳重签,仅供参考,添加节点存在问题)。另一个fq项目potatso源码参见:
  • [239星][1y] [ObjC] lmirosevic/gbping Highly accurate ICMP Ping controller for iOS
  • [238星][4m] [Swift] shadowsocksr-live/ishadowsocksr ShadowsocksR for iOS, come from
  • [223星][11m] [AppleScript] lifepillar/csvkeychain Import/export between Apple Keychain.app and plain CSV file.
  • [219星][6m] [ObjC] rickyzhang82/tethering Proxy and DNS Server on iOS
  • [213星][8m] [C] owasp/igoat OWASP iGoat - A Learning Tool for iOS App Pentesting and Security by Swaroop Yermalkar
  • [211星][5d] [TS] bevry/getmac Get the mac address of the current machine you are on via Node.js
  • [203星][5m] [Py] googleprojectzero/ios-messaging-tools several tools Project Zero uses to test iPhone messaging
  • [200星][5m] [PS] mkellerman/invoke-commandas Invoke Command As System/Interactive/GMSA/User on Local/Remote machine & returns PSObjects.

XCode

  • [6203星][3m] [ObjC] johnno1962/injectionforxcode Runtime Code Injection for Objective-C & Swift
  • [1606星][2m] [Swift] indragiek/inappviewdebugger A UIView debugger (like Reveal or Xcode) that can be embedded in an app for on-device view debugging
  • [1409星][27d] [Swift] johnno1962/injectioniii Re-write of Injection for Xcode in (mostly) Swift4
  • [572星][1m] [ObjC] hdb-li/lldebugtool LLDebugTool is a debugging tool for developers and testers that can help you analyze and manipulate data in non-xcode situations.
  • [384星][2m] [JS] johnno1962/xprobeplugin Live Memory Browser for Apps & Xcode

越狱

LLDB

  • [784星][3m] [C++] nodejs/llnode An lldb plugin for Node.js and V8, which enables inspection of JavaScript states for insights into Node.js processes and their core dumps.
  • [636星][2m] [C++] apple/swift-lldb This is the version of LLDB that supports the Swift programming language & REPL.
  • [492星][20d] [Rust] vadimcn/vscode-lldb A native debugger extension for VSCode based on LLDB
  • [388星][2m] [C++] llvm-mirror/lldb Mirror of official lldb git repository located at

文章&&视频

Cuckoo


工具

新添加的


文章&&视频

DBI


DynamoRIO

工具

DynamoRIO

新添加的

  • [249星][4m] [C] ampotos/dynstruct Reverse engineering tool for automatic structure recovering and memory use analysis based on DynamoRIO and Capstone

与其他工具交互

文章&&视频


IntelPin

工具

新添加的

  • [299星][2m] [C] vusec/vuzzer depends heavily on a modeified version of DataTracker, which in turn depends on LibDFT pintool.

与其他工具交互

未分类

文章&&视频


Frida

工具

Frida

  • [4516星][5d] [Makefile] frida/frida Clone this repo to build Frida

新添加的

  • [1193星][7d] [JS] alonemonkey/frida-ios-dump pull decrypted ipa from jailbreak device
  • [895星][5m] [JS] dpnishant/appmon 用于监视和篡改本地macOS,iOS和android应用程序的系统API调用的自动化框架。基于Frida。
  • [645星][8d] [Py] igio90/dwarf Full featured multi arch/os debugger built on top of PyQt5 and frida
  • [559星][1m] [JS] nccgroup/house 运行时手机 App 分析工具包, 带Web GUI
  • [513星][24d] [JS] iddoeldor/frida-snippets Hand-crafted Frida examples
  • [422星][12m] [Py] dstmath/frida-unpack 基于Frida的脱壳工具
  • [420星][5d] [C] frida/frida-python Frida Python bindings
  • [332星][7d] [JS] chichou/bagbak Yet another frida based iOS dumpdecrypted, works on iOS 13 with checkra1n and supports decrypting app extensions
  • [321星][29d] [C] frida/frida-core Frida core library intended for static linking into bindings
  • [308星][4m] [JS] smartdone/frida-scripts 一些frida脚本
  • [283星][8m] [Py] nightbringer21/fridump A universal memory dumper using Frida
  • [250星][1y] [Py] igio90/frick aka the first debugger built on top of frida
  • [243星][11d] [JS] frenchyeti/dexcalibur Dynamic binary instrumentation tool designed for Android application and powered by Frida. It disassembles dex, analyzes it statically, generates hooks, discovers reflected methods, stores intercepted data and does new things from it. Its aim is to be an all-in-one Android reverse engineering platform.
  • [228星][5d] [C] frida/frida-gum Low-level code instrumentation library used by frida-core

与其他工具交互

未分类
IDA
BinaryNinja
Radare2

文章&&视频


其他

其他


文章-新添加的


工具-新添加的

  • [19766星][3m] [Jupyter Notebook] camdavidsonpilon/probabilistic-programming-and-bayesian-methods-for-hackers aka "Bayesian Methods for Hackers": An introduction to Bayesian methods + probabilistic programming with a computation/understanding-first, mathematics-second point of view. All in pure Python ;)
  • [14349星][1m] [Py] corentinj/real-time-voice-cloning Clone a voice in 5 seconds to generate arbitrary speech in real-time
  • [11402星][2d] [Java] oracle/graal Run Programs Faster Anywhere
  • [11213星][2m] [Jupyter Notebook] selfteaching/the-craft-of-selfteaching One has no future if one couldn't teach themself.
  • [10378星][3d] [Go] goharbor/harbor An open source trusted cloud native registry project that stores, signs, and scans content.
  • [7748星][2d] [Go] git-lfs/git-lfs Git extension for versioning large files
  • [7020星][6d] [Go] nats-io/nats-server High-Performance server for NATS, the cloud native messaging system.
  • [6894星][2m] [Go] sqshq/sampler A tool for shell commands execution, visualization and alerting. Configured with a simple YAML file.
  • [6454星][9m] [HTML] open-power-workgroup/hospital OpenPower工作组收集汇总的医院开放数据
  • [6353星][1m] [Py] seatgeek/fuzzywuzzy Fuzzy String Matching in Python
  • [6055星][7m] [JS] haotian-wang/google-access-helper 谷歌访问助手破解版
  • [5876星][3m] [Gnuplot] nasa-jpl/open-source-rover A build-it-yourself, 6-wheel rover based on the rovers on Mars!
  • [5829星][7m] [JS] sindresorhus/fkill-cli Fabulously kill processes. Cross-platform.
  • [5753星][10d] [Go] casbin/casbin An authorization library that supports access control models like ACL, RBAC, ABAC in Golang
  • [5751星][8m] [C] xoreaxeaxeax/movfuscator C编译器,编译的二进制文件只有1个代码块。
  • [5717星][20d] [JS] swagger-api/swagger-editor Swagger Editor
  • [5420星][4d] [Py] mlflow/mlflow Open source platform for the machine learning lifecycle
  • [5229星][4m] [Py] ytisf/thezoo A repository of LIVE malwares for your own joy and pleasure. theZoo is a project created to make the possibility of malware analysis open and available to the public.
  • [5226星][5d] [Shell] denisidoro/navi An interactive cheatsheet tool for the command-line
  • [5116星][3d] [ASP] hq450/fancyss fancyss is a project providing tools to across the GFW on asuswrt/merlin based router.
  • [5007星][1m] [Py] snare/voltron A hacky debugger UI for hackers
  • [4857星][5d] [Go] gcla/termshark A terminal UI for tshark, inspired by Wireshark
  • [4810星][8m] [Py] 10se1ucgo/disablewintracking Uses some known methods that attempt to minimize tracking in Windows 10
  • [4747星][t] [C++] paddlepaddle/paddle-lite Multi-platform high performance deep learning inference engine (『飞桨』多平台高性能深度学习预测引擎)
  • [4651星][5d] powershell/win32-openssh Win32 port of OpenSSH
  • [4610星][1y] [C] upx/upx UPX - the Ultimate Packer for eXecutables
  • [4600星][11m] [Py] ecthros/uncaptcha2 defeating the latest version of ReCaptcha with 91% accuracy
  • [4597星][4d] [C++] mozilla/rr 记录与重放App的调试执行过程
  • [4541星][4m] [TS] apis-guru/graphql-voyager
  • [4352星][12m] [Py] lennylxx/ipv6-hosts Fork of
  • [4314星][7d] [Rust] timvisee/ffsend Easily and securely share files from the command line
  • [4258星][12m] [JS] butterproject/butter-desktop All the free parts of Popcorn Time
  • [4062星][3m] [Java] jesusfreke/smali smali/baksmali
  • [4060星][2m] [JS] sigalor/whatsapp-web-reveng WhatsApp Web API逆向与重新实现
  • [4003星][3d] [Go] dexidp/dex OpenID Connect Identity (OIDC) and OAuth 2.0 Provider with Pluggable Connectors
  • [3980星][27d] [Rust] svenstaro/genact a nonsense activity generator
  • [3960星][3d] [Py] angr/angr A powerful and user-friendly binary analysis platform!
  • [3954星][8d] [Go] eranyanay/1m-go-websockets handling 1M websockets connections in Go
  • [3939星][7d] [C] aquynh/capstone Capstone disassembly/disassembler framework: Core (Arm, Arm64, BPF, EVM, M68K, M680X, MOS65xx, Mips, PPC, RISCV, Sparc, SystemZ, TMS320C64x, Web Assembly, X86, X86_64, XCore) + bindings.
  • [3908星][4d] [C++] baldurk/renderdoc RenderDoc is a stand-alone graphics debugging tool.
  • [3844星][2m] [ObjC] sveinbjornt/sloth Mac app that shows all open files, directories and sockets in use by all running processes. Nice GUI for lsof.
  • [3773星][17d] jjqqkk/chromium Chromium browser with SSL VPN. Use this browser to unblock websites.
  • [3768星][2m] [Go] microsoft/ethr Ethr is a Network Performance Measurement Tool for TCP, UDP & HTTP.
  • [3749星][4d] [Go] hashicorp/consul-template Template rendering, notifier, and supervisor for
  • [3690星][13d] [JS] lesspass/lesspass
  • [3688星][21d] [HTML] hamukazu/lets-get-arrested This project is intended to protest against the police in Japan
  • [3627星][18d] [HTML] consensys/smart-contract-best-practices A guide to smart contract security best practices
  • [3608星][] [Pascal] cheat-engine/cheat-engine Cheat Engine. A development environment focused on modding
  • [3538星][5m] [Shell] chengr28/revokechinacerts Revoke Chinese certificates.
  • [3505星][8d] [C] cyan4973/xxhash Extremely fast non-cryptographic hash algorithm
  • [3451星][10d] [C] mikebrady/shairport-sync AirPlay audio player. Shairport Sync adds multi-room capability with Audio Synchronisation
  • [3306星][11d] [C] microsoft/windows-driver-samples This repo contains driver samples prepared for use with Microsoft Visual Studio and the Windows Driver Kit (WDK). It contains both Universal Windows Driver and desktop-only driver samples.
  • [3295星][7d] [JS] koenkk/zigbee2mqtt Zigbee
  • [3289星][7d] [C] virustotal/yara The pattern matching swiss knife
  • [3280星][21d] [Java] oldmanpushcart/greys-anatomy Java诊断工具
  • [3243星][6d] [Shell] gfw-breaker/ssr-accounts 一键部署Shadowsocks服务;免费Shadowsocks账号分享;免费SS账号分享; 翻墙;无界,自由门,SquirrelVPN
  • [3233星][17d] [C] tmate-io/tmate Instant Terminal Sharing
  • [3219星][2m] [TS] google/incremental-dom An in-place DOM diffing library
  • [3202星][1y] [Shell] toyodadoubi/doubi 一个逗比写的各种逗比脚本~
  • [3188星][3d] [C] meetecho/janus-gateway Janus WebRTC Server
  • [3131星][1m] [CSS] readthedocs/sphinx_rtd_theme Sphinx theme for readthedocs.org
  • [3129星][5d] [C] qemu/qemu Official QEMU mirror. Please see
  • [3120星][2d] [Go] tencent/bk-cmdb 蓝鲸智云配置平台(BlueKing CMDB)
  • [3108星][1m] [C] unicorn-engine/unicorn Unicorn CPU emulator framework (ARM, AArch64, M68K, Mips, Sparc, X86)
  • [3052星][4m] [C++] google/robotstxt The repository contains Google's robots.txt parser and matcher as a C++ library (compliant to C++11).
  • [3010星][1y] [PHP] owner888/phpspider 《我用爬虫一天时间“偷了”知乎一百万用户,只为证明PHP是世界上最好的语言 》所使用的程序
  • [2993星][10d] [Py] quantaxis/quantaxis 支持任务调度 分布式部署的 股票/期货/自定义市场 数据/回测/模拟/交易/可视化 纯本地PAAS量化解决方案
  • [2980星][6d] [ObjC] google/santa 用于Mac系统的二进制文件白名单/黑名单系统
  • [2948星][23d] [C] libfuse/sshfs A network filesystem client to connect to SSH servers
  • [2898星][7m] [C] p-h-c/phc-winner-argon2 The password hash Argon2, winner of PHC
  • [2872星][6d] [C] lxc/lxc LXC - Linux Containers
  • [2854星][28d] [Py] espressif/esptool ESP8266 and ESP32 serial bootloader utility
  • [2848星][6m] [Py] instantbox/instantbox Get a clean, ready-to-go Linux box in seconds.
  • [2833星][2m] [Assembly] cirosantilli/x86-bare-metal-examples 几十个用于学习 x86 系统编程的小型操作系统
  • [2815星][12d] [C] processhacker/processhacker A free, powerful, multi-purpose tool that helps you monitor system resources, debug software and detect malware.
  • [2808星][10m] [Py] plasma-disassembler/plasma Plasma is an interactive disassembler for x86/ARM/MIPS. It can generates indented pseudo-code with colored syntax.
  • [2789星][5d] [C++] qtox/qtox qTox is a chat, voice, video, and file transfer IM client using the encrypted peer-to-peer Tox protocol.
  • [2772星][2m] [JS] trufflesuite/ganache-cli Fast Ethereum RPC client for testing and development
  • [2760星][] [TS] webhintio/hint
  • [2718星][3m] [Py] drivendata/cookiecutter-data-science A logical, reasonably standardized, but flexible project structure for doing and sharing data science work.
  • [2687星][2d] [Go] adguardteam/adguardhome Network-wide ads & trackers blocking DNS server
  • [2631星][8m] leandromoreira/linux-network-performance-parameters Learn where some of the network sysctl variables fit into the Linux/Kernel network flow
  • [2627星][15d] [JS] popcorn-official/popcorn-desktop Popcorn Time is a multi-platform, free software BitTorrent client that includes an integrated media player. Desktop ( Windows / Mac / Linux ) a Butter-Project Fork
  • [2621星][2m] pditommaso/awesome-pipeline A curated list of awesome pipeline toolkits inspired by Awesome Sysadmin
  • [2619星][2m] [Swift] zhuhaow/nekit A toolkit for Network Extension Framework
  • [2615星][1m] [JS] knownsec/kcon KCon is a famous Hacker Con powered by Knownsec Team.
  • [2587星][2d] [C] esnet/iperf A TCP, UDP, and SCTP network bandwidth measurement tool
  • [2535星][2m] [Java] jboss-javassist/javassist Java bytecode engineering toolkit
  • [2478星][11m] [JS] weixin/miaow A set of plugins for Sketch include drawing links & marks, UI Kit & Color sync, font & text replacing.
  • [2474星][17d] [JS] vitaly-t/pg-promise PostgreSQL interface for Node.js
  • [2391星][12d] [Java] mock-server/mockserver MockServer enables easy mocking of any system you integrate with via HTTP or HTTPS with clients written in Java, JavaScript and Ruby. MockServer also includes a proxy that introspects all proxied traffic including encrypted SSL traffic and supports Port Forwarding, Web Proxying (i.e. HTTP proxy), HTTPS Tunneling Proxying (using HTTP CONNECT) and…
  • [2364星][2d] [C] domoticz/domoticz monitor and configure various devices like: Lights, Switches, various sensors/meters like Temperature, Rain, Wind, UV, Electra, Gas, Water and much more
  • [2345星][3m] [Go] vuvuzela/vuvuzela Private messaging system that hides metadata
  • [2344星][8d] [C] tsl0922/ttyd Share your terminal over the web
  • [2340星][2m] [JS] pa11y/pa11y Pa11y is your automated accessibility testing pal
  • [2305星][2m] [C] moby/hyperkit A toolkit for embedding hypervisor capabilities in your application
  • [2286星][1m] [JS] talkingdata/inmap 大数据地理可视化
  • [2260星][5d] dumb-password-rules/dumb-password-rules Shaming sites with dumb password rules.
  • [2217星][6d] [Go] google/mtail extract whitebox monitoring data from application logs for collection in a timeseries database
  • [2214星][10d] getlantern/lantern-binaries Lantern installers binary downloads.
  • [2211星][1m] [C++] google/bloaty Bloaty McBloatface: a size profiler for binaries
  • [2194星][4d] [C] armmbed/mbedtls An open source, portable, easy to use, readable and flexible SSL library
  • [2137星][11d] [Assembly] pret/pokered disassembly of Pokémon Red/Blue
  • [2132星][12d] goq/telegram-list List of telegram groups, channels & bots // Список интересных групп, каналов и ботов телеграма // Список чатов для программистов
  • [2093星][] [C] flatpak/flatpak Linux application sandboxing and distribution framework
  • [2092星][18d] swiftonsecurity/sysmon-config Sysmon configuration file template with default high-quality event tracing
  • [2080星][1m] [Go] theupdateframework/notary Notary is a project that allows anyone to have trust over arbitrary collections of data
  • [2053星][4m] [Go] maxmcd/webtty Share a terminal session over WebRTC
  • [2053星][16d] [C#] mathewsachin/captura Capture Screen, Audio, Cursor, Mouse Clicks and Keystrokes
  • [2052星][5d] [C++] openthread/openthread OpenThread released by Google is an open-source implementation of the Thread networking protocol
  • [2031星][10m] [C] dekunukem/nintendo_switch_reverse_engineering A look at inner workings of Joycon and Nintendo Switch
  • [2003星][2m] [C++] asmjit/asmjit Complete x86/x64 JIT and AOT Assembler for C++
  • [1998星][1m] [Swift] github/softu2f Software U2F authenticator for macOS
  • [1955星][3d] [Go] solo-io/gloo An Envoy-Powered API Gateway
  • [1949星][9d] [C] microsoft/procdump-for-linux Linux 版本的 ProcDump
  • [1930星][14d] [C++] mhammond/pywin32 Python for Windows (pywin32) Extensions
  • [1907星][10d] [Go] minishift/minishift Run OpenShift 3.x locally
  • [1899星][17d] [C++] acidanthera/lilu Arbitrary kext and process patching on macOS
  • [1877星][17d] [Java] adoptopenjdk/jitwatch Log analyser / visualiser for Java HotSpot JIT compiler. Inspect inlining decisions, hot methods, bytecode, and assembly. View results in the JavaFX user interface.
  • [1863星][2d] [C++] pytorch/glow Compiler for Neural Network hardware accelerators
  • [1859星][12m] [C++] googlecreativelab/open-nsynth-super Open NSynth Super is an experimental physical interface for the NSynth algorithm
  • [1854星][11d] [C] github/glb-director GitHub Load Balancer Director and supporting tooling.
  • [1852星][1y] [Py] jinnlynn/genpac PAC/Dnsmasq/Wingy file Generator, working with gfwlist, support custom rules.
  • [1851星][1y] [Java] yeriomin/yalpstore Download apks from Google Play Store
  • [1848星][9m] [Py] netflix-skunkworks/stethoscope Personalized, user-focused recommendations for employee information security.
  • [1846星][2m] [C] retroplasma/earth-reverse-engineering Reversing Google's 3D satellite mode
  • [1837星][3m] [Go] influxdata/kapacitor Open source framework for processing, monitoring, and alerting on time series data
  • [1827星][5d] [Py] trailofbits/manticore 动态二进制分析工具,支持符号执行(symbolic execution)、污点分析(taint analysis)、运行时修改。
  • [1816星][21d] [Go] gdamore/tcell Tcell is an alternate terminal package, similar in some ways to termbox, but better in others.
  • [1786星][26d] [C++] apitrace/apitrace Tools for tracing OpenGL, Direct3D, and other graphics APIs
  • [1781星][18d] [PHP] ezyang/htmlpurifier Standards compliant HTML filter written in PHP
  • [1779星][21d] 17mon/china_ip_list
  • [1761星][1y] [JS] puppeteer/examples Use case-driven examples for using Puppeteer and headless chrome
  • [1761星][4d] [C] google/wuffs Wrangling Untrusted File Formats Safely
  • [1756星][8d] [PHP] wordpress/wordpress-coding-standards PHP_CodeSniffer rules (sniffs) to enforce WordPress coding conventions
  • [1727星][t] [TSQL] brentozarultd/sql-server-first-responder-kit sp_Blitz, sp_BlitzCache, sp_BlitzFirst, sp_BlitzIndex, and other SQL Server scripts for health checks and performance tuning.
  • [1722星][4m] [Py] anorov/cloudflare-scrape A Python module to bypass Cloudflare's anti-bot page.
  • [1714星][27d] [Go] hashicorp/memberlist Golang package for gossip based membership and failure detection
  • [1698星][13d] [C++] microsoft/detours Detours is a software package for monitoring and instrumenting API calls on Windows. It is distributed in source code form.
  • [1676星][2d] [Java] apache/geode Apache Geode
  • [1672星][7m] [C] easyhook/easyhook The reinvention of Windows API Hooking
  • [1668星][3m] [Py] boppreh/keyboard Hook and simulate global keyboard events on Windows and Linux.
  • [1659星][16d] [JS] tylerbrock/mongo-hacker MongoDB Shell Enhancements for Hackers
  • [1650星][5d] sarojaba/awesome-devblog 어썸데브블로그. 국내 개발 블로그 모음(only 실명으로).
  • [1637星][4d] [JS] efforg/privacybadger Privacy Badger is a browser extension that automatically learns to block invisible trackers.
  • [1624星][9m] [JS] localtunnel/server server for localtunnel.me
  • [1620星][8d] [C++] lief-project/lief Library to Instrument Executable Formats
  • [1592星][2m] [ObjC] ealeksandrov/provisionql Quick Look plugin for apps and provisioning profile files
  • [1584星][1y] [C] qihoo360/phptrace A tracing and troubleshooting tool for PHP scripts.
  • [1572星][25d] [C] codahale/bcrypt-ruby Ruby binding for the OpenBSD bcrypt() password hashing algorithm, allowing you to easily store a secure hash of your users' passwords.
  • [1562星][29d] [C] p-gen/smenu Terminal utility that reads words from standard input or from a file and creates an interactive selection window just below the cursor. The selected word(s) are sent to standard output for further processing.
  • [1562星][11d] [Java] gchq/gaffer A large-scale entity and relation database supporting aggregation of properties
  • [966星][7m] [PHP] jenssegers/optimus id transformation With this library, you can transform your internal id's to obfuscated integers based on Knuth's integer has和
  • [906星][7m] [C++] dfhack/dfhack Memory hacking library for Dwarf Fortress and a set of tools that use it
  • [895星][11m] [JS] levskaya/jslinux-deobfuscated An old version of Mr. Bellard's JSLinux rewritten to be human readable, hand deobfuscated and annotated.
  • [706星][1y] [Jupyter Notebook] anishathalye/obfuscated-gradients Obfuscated Gradients Give a False Sense of Security: Circumventing Defenses to Adversarial Examples
  • [658星][10m] [Jupyter Notebook] supercowpowers/data_hacking Data Hacking Project
  • [657星][1y] [Rust] endgameinc/xori Xori is an automation-ready disassembly and static analysis library for PE32, 32+ and shellcode
  • [637星][13d] [PS] olafhartong/sysmon-modular sysmon配置模块收集
  • [587星][6m] nshalabi/sysmontools Utilities for Sysmon
  • [568星][11m] [JS] raineorshine/solgraph Visualize Solidity control flow for smart contract security analysis.
  • [523星][1m] mhaggis/sysmon-dfir Sources, configuration and how to detect evil things utilizing Microsoft Sysmon.
  • [522星][4m] [Java] java-deobfuscator/deobfuscator Java 代码反混淆工具
  • [507星][8m] [JS] mindedsecurity/jstillery Advanced JavaScript Deobfuscation via Partial Evaluation
  • [480星][1y] ksluckow/awesome-symbolic-execution A curated list of awesome symbolic execution resources including essential research papers, lectures, videos, and tools.
  • [449星][12m] [C++] ntquery/scylla Imports Reconstructor
  • [447星][3m] [Go] retroplasma/flyover-reverse-engineering Reversing Apple's 3D satellite mode
  • [446星][11m] [Batchfile] ion-storm/sysmon-config Advanced Sysmon configuration, Installer & Auto Updater with high-quality event tracing
  • [408星][11d] [Py] crytic/slither Static Analyzer for Solidity
  • [383星][1y] [HTML] maestron/reverse-engineering-tutorials Reverse Engineering Tutorials
  • [344星][1y] [Ruby] calebfenton/dex-oracle A pattern based Dalvik deobfuscator which uses limited execution to improve semantic analysis
  • [308星][16d] [Py] baderj/domain_generation_algorithms 域名生成算法
  • [306星][1m] [C] nagyd/sdlpop An open-source port of Prince of Persia, based on the disassembly of the DOS version.
  • [291星][20d] [C] tomb5/tomb5 Chronicles Disassembly translated to C source code.
  • [265星][2m] [Assembly] pret/pokeyellow Disassembly of Pokemon Yellow
  • [240星][4m] [JS] consensys/surya A set of utilities for exploring Solidity contracts
  • [214星][2m] [Py] rpisec/llvm-deobfuscator
  • [211星][12m] [Java] neo23x0/fnord Pattern Extractor for Obfuscated Code

工具-其他


angr

工具

  • [534星][4d] [Py] angr/angr-doc Documentation for the angr suite
  • [305星][2m] [Py] salls/angrop a rop gadget finder and chain builder

文章


Debug&&调试

工具

  • [1450星][2d] [Go] google/gapid Graphics API Debugger
  • [1422星][9d] [C++] eteran/edb-debugger edb is a cross platform AArch32/x86/x86-64 debugger.
  • [1413星][11d] [Go] cosmos72/gomacro Interactive Go interpreter and debugger with REPL, Eval, generics and Lisp-like macros
  • [1275星][3m] [Go] solo-io/squash The debugger for microservices
  • [1147星][5m] [C++] cgdb/cgdb Console front-end to the GNU debugger
  • [1128星][12d] [C] blacksphere/blackmagic In application debugger for ARM Cortex microcontrollers.
  • [899星][2d] [Py] derekselander/lldb A collection of LLDB aliases/regexes and Python scripts to aid in your debugging sessions
  • [836星][t] [C++] tasvideos/bizhawk BizHawk is a multi-system emulator written in C#. BizHawk provides nice features for casual gamers such as full screen, and joypad support in addition to full rerecording and debugging tools for all system cores.
  • [560星][13d] [C#] microsoft/miengine The Visual Studio MI Debug Engine ("MIEngine") provides an open-source Visual Studio Debugger extension that works with MI-enabled debuggers such as gdb, lldb, and clrdbg.
  • [521星][1y] [C] wubingzheng/memleax debugs memory leak of running process. Not maintained anymore, try libleak please.
  • [462星][4m] [C++] emoon/prodbg Debugging the way it's meant to be done
  • [423星][3m] [C++] cobaltfusion/debugviewpp DebugView++, collects, views, filters your application logs, and highlights information that is important to you!
  • [418星][18d] [C++] simonkagstrom/kcov Code coverage tool for compiled programs, Python and Bash which uses debugging information to collect and report data without special compilation options
  • [377星][1m] [Py] pdbpp/pdbpp pdb++, a drop-in replacement for pdb (the Python debugger)
  • [332星][8m] [Py] romanvm/python-web-pdb Web-based remote UI for Python's PDB debugger
  • [306星][13d] [Java] widdix/aws-s3-virusscan Free Antivirus for S3 Buckets
  • [291星][4d] [Py] sosreport/sos A unified tool for collecting system logs and other debug information
  • [285星][2m] [C++] changeofpace/viviennevmm VivienneVMM is a stealthy debugging framework implemented via an Intel VT-x hypervisor.
  • [272星][4m] [Py] mariovilas/winappdbg WinAppDbg Debugger
  • [270星][13d] [Py] ionelmc/python-manhole Debugging manhole for python applications.
  • [250星][1m] [Py] quantopian/qdb Quantopian Remote Debugger for Python
  • [240星][5m] [C++] facebook/ds2 Debug server for lldb.
  • [239星][8m] [C++] strivexjun/xantidebug VMProtect 3.x Anti-debug Method Improved
  • [239星][8m] [Py] beeware/bugjar A interactive graphical debugger for Python code.
  • [233星][2m] [Py] gilligan/vim-lldb lldb debugger integration plugin for vim
  • [220星][8m] letoram/senseye Dynamic Visual Debugging / Reverse Engineering Toolsuite
  • [218星][1m] [Py] nteseyes/pylane An python vm injector with debug tools, based on gdb.
  • [213星][3d] [C++] thalium/icebox Virtual Machine Introspection, Tracing & Debugging
  • [209星][2m] [C] joyent/mdb_v8 postmortem debugging for Node.js and other V8-based programs
  • [200星][5m] [C++] rainers/cv2pdb converter of DMD CodeView/DWARF debug information to PDB files

文章


BAP

工具

文章


BinNavi

工具

文章


Decompiler&&反编译器

工具

文章


Disassemble&&反汇编

工具

  • [1374星][12d] [C] zyantific/zydis 快速的轻量级x86/x86-64 反汇编库
  • [1346星][12m] [Rust] das-labor/panopticon A libre cross-platform disassembler.
  • [877星][11m] [C++] wisk/medusa An open source interactive disassembler
  • [835星][t] [GLSL] khronosgroup/spirv-cross a practical tool and library for performing reflection on SPIR-V and disassembling SPIR-V back to high level languages.
  • [828星][2m] [C++] redasmorg/redasm The OpenSource Disassembler
  • [627星][3m] [C] gdabah/distorm Powerful Disassembler Library For x86/AMD64
  • [430星][1m] [C#] 0xd4d/iced x86/x64 disassembler, instruction decoder & encoder
  • [351星][13d] [Ruby] jjyg/metasm This is the main repository for metasm, a free assembler / disassembler / compiler written in ruby
  • [246星][5m] [Py] bontchev/pcodedmp A VBA p-code disassembler

文章


GDB

工具

  • [7019星][2d] [JS] cs01/gdbgui Browser-based frontend to gdb (gnu debugger). Add breakpoints, view the stack, visualize data structures, and more in C, C++, Go, Rust, and Fortran. Run gdbgui from the terminal and a new tab will open in your browser.
  • [6052星][5d] [Py] cyrus-and/gdb-dashboard Modular visual interface for GDB in Python
  • [3784星][11m] [Py] longld/peda Python Exploit Development Assistance for GDB
  • [2568星][30d] [Py] hugsy/gef gdb增强工具,使用Python API,用于漏洞开发和逆向分析。
  • [2439星][8d] [Py] pwndbg/pwndbg GDB插件,辅助漏洞开发和逆向
  • [1417星][3m] [Go] hellogcc/100-gdb-tips A collection of gdb tips. 100 maybe just mean many here.
  • [452星][2m] [Py] scwuaptx/pwngdb gdb for pwn
  • [446星][1y] [Py] jfoote/exploitable The 'exploitable' GDB plugin. I don't work at CERT anymore, but here is the original homepage:
  • [244星][1m] [JS] bet4it/hyperpwn A hyper plugin to provide a flexible GDB GUI with the help of GEF, pwndbg or peda
  • [208星][2m] [Py] sakhnik/nvim-gdb Neovim thin wrapper for GDB, LLDB and PDB

文章


Captcha&&验证码

工具

  • [1620星][2m] [Ruby] ambethia/recaptcha ReCaptcha helpers for ruby apps

  • [1561星][18d] [PHP] mewebstudio/captcha Captcha for Laravel 5 & 6

  • [1184星][4m] [PHP] gregwar/captcha PHP Captcha library

  • [1015星][1m] [Py] mbi/django-simple-captcha Django Simple Captcha is an extremely simple, yet highly customizable Django application to add captcha images to any Django form.

  • [897星][t] [Py] kerlomz/captcha_trainer 基于深度学习的图片验证码的解决方案

  • [642星][10d] [Ruby] markets/invisible_captcha Simple and flexible spam protection solution for Rails applications.

  • [598星][1y] [C++] nladuo/captcha-break captcha break based on opencv2, tesseract-ocr and some machine learning algorithm.

  • [423星][5m] [Java] bit4woo/recaptcha reCAPTCHA = REcognize CAPTCHA: A Burp Suite Extender that recognize CAPTCHA and use for intruder payload 自动识别图形验证码并用于burp intruder爆破模块的插件

  • [324星][9m] [JS] zyszys/awesome-captcha

  • [260星][t] [Py] kerlomz/captcha_platform [验证码识别-部署] This project is based on CNN+BLSTM+CTC to realize verificationtion. This projeccode identificat is only for deployment models.

文章

Radare2


插件&&脚本

Radare2

  • [11588星][4d] [C] radareorg/radare2 unix-like reverse engineering framework and commandline tools

新添加的

与其他工具交互

未分类

IDA

GUI

  • [6176星][t] [C++] radareorg/cutter 逆向框架 radare2的Qt界面,iaito的升级版

文章&&视频

BinaryNinja


插件&&脚本

新添加的

  • [2820星][30d] [Py] androguard/androguard Reverse engineering, Malware and goodware analysis of Android applications ... and more (ninja !)
  • [328星][5m] [Py] vector35/binaryninja-api Public API, examples, documentation and issues for Binary Ninja
  • [280星][3m] [Py] pbiernat/ripr Package Binary Code as a Python class using Binary Ninja and Unicorn Engine
  • [201星][6d] [JS] ret2got/disasm.pro A realtime assembler/disassembler (formerly known as disasm.ninja)

与其他工具交互

未分类

IDA


文章&&视频

模拟器&&虚拟机


QEMU

工具

新添加的

  • [7037星][2m] [Shell] kholia/osx-kvm Run macOS on QEMU/KVM. No support is provided at the moment.
  • [1308星][18d] [C] cisco-talos/pyrebox 逆向沙箱,基于QEMU,Python Scriptable
  • [1070星][18d] [Shell] dhruvvyas90/qemu-rpi-kernel Qemu kernel for emulating Rpi on QEMU
  • [601星][29d] [Py] nongiach/arm_now 快速创建并运行不同CPU架构的虚拟机, 用于逆向分析或执行二进制文件. 基于QEMU
  • [532星][7m] [Java] limboemu/limbo Limbo is a QEMU-based emulator for Android. It currently supports PC & ARM emulation for Intel x86 and ARM architecture. See our wiki
  • [512星][5m] [C] decaf-project/decaf DECAF (short for Dynamic Executable Code Analysis Framework) is a binary analysis platform based on QEMU. This is also the home of the DroidScope dynamic Android malware analysis platform. DroidScope is now an extension to DECAF.
  • [375星][] [C] vanhauser-thc/aflplusplus 带社区补丁的afl 2.56b
  • [278星][13d] [Shell] drtyhlpr/rpi23-gen-image Advanced Debian "stretch" and "buster" bootstrap script for RPi 0/1/2/3 and QEMU
  • [277星][1m] [C] beckus/qemu_stm32 QEMU with an STM32 microcontroller implementation
  • [242星][10m] [C++] revng/revng 二进制分析工具,基于QEMU 和LLVM

文章&&视频


其他

Windows


工具

新添加的

其他

事件日志&&事件追踪&&ETW

Sysmon

  • [206星][1y] [JS] jpcertcc/sysmonsearch Investigate suspicious activity by visualizing Sysmon's event log

WSL

.NET

  • [12676星][6d] [C#] 0xd4d/dnspy .NET debugger and assembly editor
  • [9261星][3d] [C#] icsharpcode/ilspy .NET Decompiler
  • [3694星][19d] [C#] 0xd4d/de4dot .NET deobfuscator and unpacker.
  • [3263星][7m] [JS] sindresorhus/speed-test Test your internet connection speed and ping using speedtest.net from the CLI
  • [1657星][6d] [C#] jbevain/cecil C#库, 探查/修改/生成 .NET App/库
  • [217星][11m] [C#] rainwayapp/warden Warden.NET is an easy to use process management library for keeping track of processes on Windows.

Environment&&环境&&配置

进程注入

DLL注入

代码注入

内存模块

Shellcode

  • [686星][10m] [Py] merrychap/shellen 交互式Shellcode开发环境
  • [588星][2m] [PS] monoxgas/srdi Shellcode implementation of Reflective DLL Injection. Convert DLLs to position independent shellcode
  • [536星][5m] [C++] nytrorst/shellcodecompiler 将C/C ++样式代码编译成一个小的、与位置无关且无NULL的Shellcode,用于Windows(x86和x64)和Linux(x86和x64)
  • [388星][1y] [Assembly] hasherezade/pe_to_shellcode Converts PE into a shellcode

VT&&虚拟化&&Hypbervisor

  • [1348星][14d] [C] intel/haxm Intel 开源的英特尔硬件加速执行管理器,通过硬件辅助的虚拟化引擎,加速 Windows/macOS 主机上的 IA emulation((x86/ x86_64) )
  • [1011星][1y] [C] ionescu007/simplevisor 英特尔VT-x虚拟机管理程序,简单、可移植。支持Windows和UEFI
  • [717星][15d] [C++] tandasat/hyperplatform 基于Intel VT-x的虚拟机管理程序,旨在在Windows上提供精简的VM-exit过滤平台
  • [570星][11m] [C] asamy/ksm 快速、hackable且简单的x64 VT-x虚拟机管理程序,支持Windows和Linux

内核&&驱动

注册表

系统调用

加壳&&脱壳

新添加的

  • [212星][26d] [Shell] ryran/xsos instantaneously gather information about a system together in an easy-to-read-summary, whether that system is the localhost on which xsos is being run or a system for which you have an unpacked sosreport

Themida

VMProtect


文章

Themida

Linux


工具

  • [1450星][2m] [C] feralinteractive/gamemode Optimise Linux system performance on demand
  • [1413星][13d] [C++] google/nsjail A light-weight process isolation tool, making use of Linux namespaces and seccomp-bpf syscall filters (with help of the kafel bpf language)
  • [895星][21d] [C] buserror/simavr simavr is a lean, mean and hackable AVR simulator for linux & OSX
  • [759星][30d] [Py] korcankaraokcu/pince A reverse engineering tool that'll supply the place of Cheat Engine for linux
  • [741星][2m] [C] yrp604/rappel A linux-based assembly REPL for x86, amd64, armv7, and armv8
  • [731星][9d] [C] strace/strace strace is a diagnostic, debugging and instructional userspace utility for Linux
  • [570星][11m] [C] asamy/ksm 快速、hackable且简单的x64 VT-x虚拟机管理程序,支持Windows和Linux
  • [565星][4d] [C++] intel/linux-sgx Intel SGX for Linux*
  • [560星][2m] [Py] autotest/autotest Fully automated tests on Linux
  • [536星][5m] [C++] nytrorst/shellcodecompiler 将C/C ++样式代码编译成一个小的、与位置无关且无NULL的Shellcode,用于Windows(x86和x64)和Linux(x86和x64)
  • [509星][7m] [C] iovisor/ply Dynamic Tracing in Linux
  • [468星][] [C] libreswan/libreswan an Internet Key Exchange (IKE) implementation for Linux.
  • [441星][4d] [C] facebook/openbmc OpenBMC is an open software framework to build a complete Linux image for a Board Management Controller (BMC).
  • [405星][10m] [Shell] microsoft/linux-vm-tools Hyper-V Linux Guest VM Enhancements
  • [393星][1m] [Shell] yadominjinta/atilo Linux installer for termux
  • [354星][2m] [C] seccomp/libseccomp an easy to use, platform independent, interface to the Linux Kernel's syscall filtering mechanism
  • [331星][4m] [Go] capsule8/capsule8 对云本地,容器和传统的基于 Linux 的服务器执行高级的行为监控
  • [282星][1m] [Py] facebook/fbkutils A variety of utilities built and maintained by Facebook's Linux Kernel Team that we wish to share with the community.
  • [228星][7m] [C] wkz/ply Light-weight Dynamic Tracer for Linux

文章

Hook


工具

  • [1246星][1y] [Kotlin] gh0u1l5/wechatspellbook 一个使用Kotlin编写的开源微信插件框架,底层需要 Xposed 或 VirtualXposed 等Hooking框架的支持,而顶层可以轻松对接Java、Kotlin、Scala等JVM系语言。让程序员能够在几分钟内编写出简单的微信插件,随意揉捏微信的内部逻辑。
  • [1117星][1y] [ObjC] yulingtianxia/fishchat Hook WeChat.app on non-jailbroken devices.
  • [1033星][5m] [C++] everdox/infinityhook Hook system calls, context switches, page faults and more.
  • [770星][11d] [Go] thoughtworks/talisman By hooking into the pre-push hook provided by Git, Talisman validates the outgoing changeset for things that look suspicious - such as authorization tokens and private keys.
  • [680星][8m] [Java] pagalaxylab/yahfa Yet Another Hook Framework for ART
  • [660星][9m] [C++] ysc3839/fontmod Simple hook tool to change Win32 program font.
  • [643星][3m] [C++] stevemk14ebr/polyhook x86/x64 C++ Hooking Library
  • [600星][24d] [C] mohuihui/antispy AntiSpy is a free but powerful anti virus and rootkits toolkit.It offers you the ability with the highest privileges that can detect,analyze and restore various kernel modifications and hooks.With its assistance,you can easily spot and neutralize malwares hidden from normal detectors.
  • [575星][6d] [C] yulingtianxia/blockhook Hook Objective-C blocks. A powerful AOP tool.
  • [572星][8m] [ObjC] rpetrich/captainhook Common hooking/monkey patching headers for Objective-C on Mac OS X and iPhone OS. MIT licensed
  • [533星][1y] [Objective-C++] davidgoldman/inspectivec objc_msgSend hook for debugging/inspection purposes.
  • [526星][2m] [C#] crosire/scripthookvdotnet An ASI plugin for Grand Theft Auto V, which allows running scripts written in any .NET language in-game.
  • [483星][1y] [C++] tandasat/ddimon Monitoring and controlling kernel API calls with stealth hook using EPT
  • [483星][3m] [Java] windysha/xpatch 免Root实现app加载Xposed插件工具。This is a tool to repackage apk file, then the apk can load any xposed modules installed in the device. It is another way to hook an app without root device.
  • [468星][27d] [C] wilix-team/iohook Node.js global keyboard and mouse listener.
  • [443星][13d] [C++] stevemk14ebr/polyhook_2_0 C++17, x86/x64 Hooking Libary v2.0
  • [410星][9m] [C] darthton/hyperbone Minimalistic VT-x hypervisor with hooks
  • [393星][1m] [C++] 0x09al/rdpthief Extracting Clear Text Passwords from mstsc.exe using API Hooking.
  • [363星][2m] [C++] steven-michaud/hookcase Tool for reverse engineering macOS/OS X
  • [342星][6m] [C] zeex/subhook Simple hooking library for C/C++ (x86 only, 32/64-bit, no dependencies)
  • [289星][6m] [C] outflanknl/dumpert LSASS memory dumper using direct system calls and API unhooking.
  • [262星][11m] [C] nbulischeck/tyton Linux内核模式Rootkit Hunter. 可检测隐藏系统模块、系统调用表Hooking、网络协议Hooking等
  • [250星][4m] [C] gbps/gbhv Simple x86-64 VT-x Hypervisor with EPT Hooking
  • [249星][1y] [Py] boppreh/mouse Hook and simulate global mouse events in pure Python
  • [236星][4d] [C] kubo/plthook Hook function calls by replacing PLT(Procedure Linkage Table) entries.
  • [230星][1y] [C#] misaka-mikoto-tech/monohooker hook C# method at runtime without modify dll file (such as UnityEditor.dll)
  • [219星][7m] [Java] shuihuadx/xposedhook 免重启Xposed模块改进
  • [213星][1y] [C] suvllian/process-inject 在Windows环境下的进程注入方法:远程线程注入、创建进程挂起注入、反射注入、APCInject、SetWindowHookEX注入

Monitor&&监控&&Trace&&追踪


工具

Game&&游戏


工具

  • [2457星][2d] [C#] netchx/netch 游戏加速器。支持:Socks5, Shadowsocks, ShadowsocksR, V2Ray 协议
  • [1148星][4d] [C++] crosire/reshade A generic post-processing injector for games and video software.
  • [1127星][3m] [Py] openai/neural-mmo Code for the paper "Neural MMO: A Massively Multiagent Game Environment for Training and Evaluating Intelligent Agents"
  • [1020星][1m] [C] bt3gl/pentesting-toolkit 渗透测试,CTF和战争游戏的工具收集
  • [727星][6m] [Assembly] cirosantilli/x86-assembly-cheat the bulk of the x86 instruction examples with assertions.
  • [545星][t] [C++] danielkrupinski/osiris 开源培训软件/“反恐精英:全球攻势”游戏作弊工具。设计为内部作弊-可将动态链接库(DLL)加载到游戏过程中
  • [522星][3m] [Kotlin] jire/charlatano Proves JVM cheats are viable on native games, and demonstrates the longevity against anti-cheat signature detection systems
  • [399星][14d] [Py] moloch--/rootthebox A Game of Hackers (CTF Scoreboard & Game Manager)
  • [352星][] [C#] leaguesandbox/gameserver League Sandbox's Game Server
  • [352星][1m] [C] liji32/sameboy Game Boy and Game Boy Color emulator written in C
  • [300星][] [C++] squalr/squally 2D Platformer Game for Teaching Game Hacking - C++/cocos2d-x
  • [265星][18d] [C++] niemand-sec/anticheat-testing-framework Framework to test any Anti-Cheat
  • [264星][t] [C++] fransbouma/injectablegenericcamerasystem This is a generic camera system to be used as the base for cameras for taking screenshots within games. The main purpose of the system is to hijack the in-game 3D camera by overwriting values in its camera structure with our own values so we can control where the camera is located, it's pitch/yaw/roll values, its FoV and the camera's look vector.
  • [247星][2d] [CSS] steamdatabase/gametracking-dota2
  • [246星][1y] xcsh/unity-game-hacking A guide for hacking unity games
  • [224星][6m] [JS] pavanw3b/sh00t Security Testing is not as simple as right click > Scan. It's messy, a tough game. What if you had missed to test just that one thing and had to regret later? Sh00t is a highly customizable, intelligent platform that understands the life of bug hunters and emphasizes on manual security testing.
  • [215星][6m] [C#] erfg12/memory.dll C# Hacking library for making PC game trainers.
  • [215星][3m] [C] xyzz/gamecard-microsd microSD adapter for PlayStation Vita
  • [214星][4m] [C++] eternityx/deadcell-csgo Full source to the CS:GO cheat

Malware&&恶意代码


工具

  • [5195星][11d] [Py] mobsf/mobile-security-framework-mobsf Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.
  • [3369星][8d] [C] screetsec/thefatrat Thefatrat a massive exploiting tool : Easy tool to generate backdoor and easy tool to post exploitation attack like browser attack and etc . This tool compiles a malware with popular payload and then the compiled malware can be execute on windows, android, mac . The malware that created with this tool also have an ability to bypass most AV softw…
  • [2459星][3d] [PHP] misp/misp MISP (core software) - Open Source Threat Intelligence and Sharing Platform (formely known as Malware Information Sharing Platform)
  • [1433星][1y] [TS] pedronauck/reworm
  • [1268星][4d] [Shell] mitchellkrogza/nginx-ultimate-bad-bot-blocker Nginx Block Bad Bots, Spam Referrer Blocker, Vulnerability Scanners, User-Agents, Malware, Adware, Ransomware, Malicious Sites, with anti-DDOS, Wordpress Theme Detector Blocking and Fail2Ban Jail for Repeat Offenders
  • [1243星][10m] [C] a0rtega/pafish Pafish is a demonstration tool that employs several techniques to detect sandboxes and analysis environments in the same way as malware families do.
  • [1090星][1m] [Go] looterz/grimd Fast dns proxy that can run anywhere, built to black-hole internet advertisements and malware servers.
  • [1084星][2m] [PHP] nbs-system/php-malware-finder Detect potentially malicious PHP files
  • [1017星][5d] [Rich Text Format] decalage2/oletools oletools - python tools to analyze MS OLE2 files (Structured Storage, Compound File Binary Format) and MS Office documents, for malware analysis, forensics and debugging.
  • [930星][4m] [Py] airbnb/binaryalert 实时恶意代码检测,无需服务器
  • [800星][3m] sh4hin/androl4b 用于评估Android应用程序,逆向工程和恶意软件分析的虚拟机
  • [779星][2m] [Py] gosecure/malboxes Builds malware analysis Windows VMs so that you don't have to.
  • [713星][6d] [Py] sevagas/macro_pack 自动生成并混淆MS 文档, 用于渗透测试、演示、社会工程评估等
  • [682星][30d] [Py] rurik/noriben Portable, Simple, Malware Analysis Sandbox
  • [662星][8m] [Shell] rfxn/linux-malware-detect Linux Malware Detection (LMD)
  • [653星][26d] [YARA] eset/malware-ioc Indicators of Compromises (IOC) of our various investigations
  • [619星][] [Py] eliasgranderubio/dagda Docker安全套件
  • [600星][5m] fabrimagic72/malware-samples 恶意软件样本
  • [574星][2m] [HTML] gwillem/magento-malware-scanner 用于检测 Magento 恶意软件的规则/样本集合
  • [563星][3m] [Py] certsocietegenerale/fame 自动化恶意代码评估
  • [536星][2m] [Py] tencent/habomalhunter HaboMalHunter is a sub-project of Habo Malware Analysis System (
  • [494星][1m] [C] hasherezade/demos Demos of various injection techniques found in malware
  • [493星][5d] [Py] ctxis/cape Malware Configuration And Payload Extraction
  • [417星][4m] [Py] misterch0c/malsploitbase Malware exploits
  • [401星][t] [C#] collinbarrett/filterlists independent, comprehensive directory of filter and host lists for advertisements, trackers, malware, and annoyances.
  • [395星][2m] [YARA] guelfoweb/peframe PEframe is a open source tool to perform static analysis on Portable Executable malware and malicious MS Office documents.
  • [393星][6m] [JS] capacitorset/box-js A tool for studying JavaScript malware.
  • [384星][9d] [Py] alexandreborges/malwoverview Malwoverview.py is a first response tool to perform an initial and quick triage in a directory containing malware samples, specific malware sample, suspect URL and domains. Additionally, it allows to download and send samples to main online sandboxes.
  • [375星][7m] [Py] secrary/ssma SSMA - Simple Static Malware Analyzer [This project is not maintained anymore]
  • [375星][] [Shell] whonix/whonix Whonix is an operating system focused on anonymity, privacy and security. It's based on the Tor anonymity network, Debian GNU/Linux and security by isolation. DNS leaks are impossible, and not even malware with root privileges can find out the user's real IP.
  • [374星][3m] [AngelScript] inquest/malware-samples A collection of malware samples and relevant dissection information, most probably referenced from
  • [365星][4m] [Py] neo23x0/munin Online hash checker for Virustotal and other services
  • [354星][5m] [Py] hasherezade/malware_analysis Various snippets created during malware analysis
  • [342星][9m] [Py] iphelix/dnschef DNS 代理,用于渗透测试和恶意代码分析
  • [337星][8m] [Py] rek7/fireelf Fileless Linux Malware Framework
  • [332星][20d] [Py] fireeye/stringsifter A machine learning tool that ranks strings based on their relevance for malware analysis.
  • [331星][t] [Batchfile] mitchellkrogza/ultimate.hosts.blacklist The Ultimate Unified Hosts file for protecting your network, computer, smartphones and Wi-Fi devices against millions of bad web sites. Protect your children and family from gaining access to bad web sites and protect your devices and pc from being infected with Malware or Ransomware.
  • [326星][1y] [C++] m0n0ph1/process-hollowing Great explanation of Process Hollowing (a Technique often used in Malware)
  • [317星][1m] [C#] malware-dev/mdk-se Malware's Development Kit for SE
  • [305星][5m] [JS] hynekpetrak/malware-jail Sandbox for semi-automatic Javascript malware analysis, deobfuscation and payload extraction. Written for Node.js
  • [301星][12m] [Assembly] guitmz/virii Collection of ancient computer virus source codes
  • [301星][5d] [Shell] mitchellkrogza/apache-ultimate-bad-bot-blocker Apache Block Bad Bots, (Referer) Spam Referrer Blocker, Vulnerability Scanners, Malware, Adware, Ransomware, Malicious Sites, Wordpress Theme Detectors and Fail2Ban Jail for Repeat Offenders
  • [292星][10d] [PHP] phpmussel/phpmussel PHP-based anti-virus anti-trojan anti-malware solution.
  • [285星][7m] [Java] katjahahn/portex Java library to analyse Portable Executable files with a special focus on malware analysis and PE malformation robustness
  • [283星][8m] [Py] phage-nz/ph0neutria ph0neutria is a malware zoo builder that sources samples straight from the wild. Everything is stored in Viper for ease of access and manageability.
  • [278星][8m] [C] rieck/malheur A Tool for Automatic Analysis of Malware Behavior
  • [273星][2m] [JS] hynekpetrak/javascript-malware-collection Collection of almost 40.000 javascript malware samples
  • [262星][2m] [Py] felixweyne/imaginaryc2 Imaginary C2 is a python tool which aims to help in the behavioral (network) analysis of malware. Imaginary C2 hosts a HTTP server which captures HTTP requests towards selectively chosen domains/IPs. Additionally, the tool aims to make it easy to replay captured Command-and-Control responses/served payloads.
  • [259星][1m] [Py] diogo-fernan/malsub A Python RESTful API framework for online malware analysis and threat intelligence services.
  • [256星][10m] [C++] ramadhanamizudin/malware Malware Samples. Uploaded to GitHub for those want to analyse the code. Code mostly from:
  • [241星][8m] [C++] mstfknn/malware-sample-library Malware sample library.
  • [240星][2m] [Py] a3sal0n/falcongate A smart gateway to stop hackers and Malware attacks
  • [240星][7d] [Shell] essandess/macos-fortress Firewall and Privatizing Proxy for Trackers, Attackers, Malware, Adware, and Spammers with Anti-Virus On-Demand and On-Access Scanning (PF, squid, privoxy, hphosts, dshield, emergingthreats, hostsfile, PAC file, clamav)
  • [237星][3m] [C++] richkmeli/richkware Framework for building Windows malware, written in C++
  • [233星][2m] [C] elfmaster/libelfmaster Secure ELF parsing/loading library for forensics reconstruction of malware, and robust reverse engineering tools
  • [220星][15d] [Py] wazuh/wazuh-ruleset ruleset is used to detect attacks, intrusions, software misuse, configuration problems, application errors, malware, rootkits, system anomalies or security policy violations.
  • [219星][8d] [JS] strangerealintel/cyberthreatintel Analysis of malware and Cyber Threat Intel of APT and cybercriminals groups
  • [211星][2m] [Py] eset/malware-research 恶意代码分析中用到的代码/工具
  • [207星][5m] [YARA] th3hurrican3/pepper An open source script to perform malware static analysis on Portable Executable
  • [202星][24d] [Py] doomedraven/virustotalapi VirusTotal Full api
  • [200星][2m] [C++] secrary/drsemu 根据动态行为检测恶意代码并进行分类

Rootkit&&Bootkit


工具

  • [1527星][19d] [Py] zerosum0x0/koadic 类似于Meterpreter、Powershell Empire 的post-exploitation rootkit,区别在于其大多数操作都是由 Windows 脚本主机 JScript/VBScript 执行
  • [1200星][10m] [C] f0rb1dd3n/reptile LKM Linux rootkit
  • [724星][9m] [C] mempodippy/vlany Linux LD_PRELOAD rootkit (x86 and x86_64 architectures)
  • [587星][6m] d30sa1/rootkits-list-download Rootkit收集
  • [511星][6m] [C] nurupo/rootkit Linux rootkit,针对 Ubuntu 16.04 及 10.04 (Linux 内核 4.4.0/2.6.32), 支持 i386 和 amd64
  • [501星][2m] [C] m0nad/diamorphine 适用于Linux Kernels 2.6.x / 3.x / 4.x(x86和x86_64)的LKM rootkit
  • [429星][1y] [C] novicelive/research-rootkit LibZeroEvil & the Research Rootkit project.
  • [391星][2m] milabs/awesome-linux-rootkits awesome-linux-rootkits
  • [378星][3m] [Shell] screetsec/vegile This tool will setting up your backdoor/rootkits when backdoor already setup it will be hidden your spesisifc process,unlimited your session in metasploit and transparent. Even when it killed, it will re-run again. There always be a procces which while run another process,So we can assume that this procces is unstopable like a Ghost in The Shell
  • [264星][9m] [C] landhb/hideprocess A basic Direct Kernel Object Manipulation rootkit that removes a process from the EPROCESS list, hiding it from the Task Manager

文章

硬件


固件

Firmware&&固件

Intel

Crypto&&加密&&算法


工具

  • [2374星][2m] [TeX] crypto101/book Crypto 101, the introductory book on cryptography.
  • [1653星][6d] [Go] bitnami-labs/sealed-secrets A Kubernetes controller and tool for one-way encrypted Secrets
  • [1484星][25d] [C++] microsoft/seal Microsoft SEAL is an easy-to-use and powerful homomorphic encryption library.
  • [832星][5d] [Haskell] galoisinc/cryptol The Language of Cryptography
  • [773星][1y] pfarb/awesome-crypto-papers A curated list of cryptography papers, articles, tutorials and howtos.
  • [693星][5m] [C++] stealth/opmsg opmsg message encryption
  • [673星][4d] [Java] google/conscrypt Conscrypt is a Java Security Provider that implements parts of the Java Cryptography Extension and Java Secure Socket Extension.
  • [482星][3m] [C] microsoft/symcrypt Cryptographic library
  • [469星][21d] [C] skeeto/enchive Encrypted personal archives
  • [467星][4m] miscreant/meta 具备错误使用抗性的(Misuse-resistant )对称加密库,支持 AES-SIV (RFC5297) 和 CHAIN/STREAM
  • [433星][2m] [Go] gorilla/securecookie Package gorilla/securecookie encodes and decodes authenticated and optionally encrypted cookie values for Go web applications.
  • [381星][18d] [C++] msoos/cryptominisat An advanced SAT solver
  • [350星][8m] [Haskell] jpmorganchase/constellation Peer-to-peer encrypted message exchange
  • [341星][1m] [Shell] umputun/nginx-le Nginx with automatic let's encrypt (docker image)
  • [330星][10d] [Py] efforg/starttls-everywhere A system for ensuring & authenticating STARTTLS encryption between mail servers
  • [326星][6m] [JS] hr/crypter An innovative, convenient and secure cross-platform encryption app
  • [309星][1m] [C] jhuisi/charm A Framework for Rapidly Prototyping Cryptosystems
  • [268星][5d] [Py] nucypher/nucypher A decentralized network offering accessible, intuitive, and extensible cryptographic runtimes and interfaces for secrets management and dynamic access control.
  • [253星][13d] [C] icing/mod_md Let's Encrypt (ACME) support for Apache httpd
  • [248星][26d] [C++] evpo/encryptpad Minimalist secure text editor and binary encryptor that implements RFC 4880 Open PGP format: symmetrically encrypted, compressed and integrity protected. The editor can protect files with passwords, key files or both.
  • [233星][8m] [C] ctz/cifra A collection of cryptographic primitives targeted at embedded use.
  • [224星][12m] [C] gkdr/lurch XEP-0384: OMEMO Encryption for libpurple.
  • [224星][2d] [C] libyal/libfvde Library and tools to access FileVault Drive Encryption (FVDE) encrypted volumes
  • [224星][13d] vixentael/my-talks List of my talks and workshops: security engineering, applied cryptography, secure software development
  • [221星][3m] [Go] cloudflare/tls-tris crypto/tls, now with 100% more 1.3. THE API IS NOT STABLE AND DOCUMENTATION IS NOT GUARANTEED.
  • [215星][11d] [C] hypersine/how-does-navicat-encrypt-password Transferred from
  • [211星][5m] [Py] nucypher/nufhe NuCypher fully homomorphic encryption (NuFHE) library implemented in Python
  • [202星][5m] [TeX] decrypto-org/rupture A framework for BREACH and other compression-based crypto attacks
  • [201星][3d] anudeepnd/blacklist Curated and well-maintained host file to block ads, tracking, cryptomining and more! Updated regularly.

贡献

内容为系统自动导出, 有任何问题请提issue

About

Reverse Engineering Resources About All Platforms(Windows/Linux/macOS/Android/iOS/IoT) And Every Aspect! (More than 4600 open source tools)

Resources

Stars

Watchers

Forks

Packages

No packages published