Hacking Tools Repository

Connect With Me

💰 You can help me by Donating

Table of Content

Android Malware:

2FA: Two-factor authentication bypass malware.
Adware: Malware that generates unwanted advertisements.
Android Malicious Samples: A collection of Android malware samples.
Android Malware: Specific Android malware sample.
Android Spy 277 Origin: Spyware for Android devices.
Android Trojan: A Trojan targeting Android devices.
Android Malicious Games: Malicious games designed to infect Android devices.
Android Legit Apps: Legitimate apps modified to contain malware.
Anubis: Android banking trojan.
BreakBottlenect: Malware targeting Android's bottleneck.
Comebot: Android botnet malware.
Dendroid: Remote Access Trojan (RAT) targeting Android.
L3MONBot: A botnet for Android devices.
Ahmyth Android Spy: Spyware for Android.
GhostPush: Adware/spyware often used for push notifications.
Brazilian Android RAT: Remote Access Trojan targeting Android.
Candy Corn: Malware that exploits candy-themed apps.
Crypto: Cryptocurrency-focused malware.
Descarga: Malware targeting Android download services.
Fake Bankers: Banking malware for Android.
Farseer: Spyware targeting financial transactions.
Feabme: Android malware often used for banking fraud.
Fraud Financial Apps: Fake financial apps used to steal data.
Jssmsers: Malware focused on SMS spoofing.
Krep Banking Malware: Targets banking applications on Android.
Malbus: Malware focusing on credential stealing.
Mazar Bot: A botnet designed for Android devices.
Motion Detection: Malware with motion detection capabilities.
Persistent Malware: Malware with persistence mechanisms.
Rootnik Malware: Malware focused on rooting Android devices.
Rumms.april2016: Android malware targeting specific vulnerabilities.
Simplocker: Ransomware targeting Android devices.
Smack: Malware used for surveillance and control.
Towel Root: Rooting tool for Android devices, often associated with malware.
Trend Micro Banking Malware: Targets banking applications.
TV Remote: A tool used for remote control of Android devices.
Unclassified Apk Malware: Various unclassified APK-based malware.
Xbot: Android malware designed to steal personal data.
Zazdi Botnet: Android-based botnet for malicious control.

Assembly Language

Introduction

About and History of Assembly Language: Overview of assembly language's development and historical context.
ARM vs x86-64 Instruction set: A comparison of two major instruction sets used in modern computing.
Von Neumann Architecture: A computer architecture design where program instructions and data share the same memory space.
Major Elements of Multi-core Computers: Key components and benefits of multi-core processors in computing.
Computer Components Top-level View: A high-level look at the basic components of a computer system.
Instruction Fetch and Execute Cycle: The cycle where a processor fetches and executes instructions.
Program flow of control without and with interrupts: Describes how program execution flows with and without external interrupts.
Bus Interconnection scheme: The arrangement of buses that allow communication between various computer components.

Arithmetic and Logic

The Decimal System: The base-10 number system used in everyday life.
Positional Number System: A numeral system where the position of a digit determines its value.
The Binary System: A number system that uses two digits: 0 and 1, fundamental in computing.
Convert between binary and decimal: Methods for converting numbers between binary and decimal formats.
The Arithmetic and Logic Unit: The part of a CPU that performs arithmetic and logical operations.
Boolean Algebra: A mathematical framework for logical operations, widely used in computing.
Logic Gates: Basic building blocks of digital circuits that perform logical operations.
Data Organization: Bits, Nibbles, Words, Double Words, Quad Words and Long Words: Different data sizes and how they are organized in memory.
Logical Operation on Bits: Techniques for manipulating individual bits using logical operations.
Sign Extension, Zero Extension, Contraction and Saturation: Methods for handling binary data in different bit-width operations.
Shift and Rotates: Techniques for shifting or rotating bits within a register.
The ASCII character encoding: A character encoding standard using numeric values for letters, digits, and symbols.
The Unicode Character Set: A universal character encoding standard designed to include all writing systems.
Hexadecimal compare table to decimal and binary: A reference table for converting between hexadecimal, binary, and decimal systems.

Memory and Registers

80x86 Addressing Modes: Various addressing techniques used in x86 architecture to access memory.
Transistors and Memory in Computing: The role of transistors in memory storage and computational functions.
How Transistors works: Explanation of how transistors function as switches in digital circuits.
IA-32 Architecture: Intel’s 32-bit microprocessor architecture and its features.
Stack: A memory structure used to store temporary data such as function calls and local variables.
Heap: A memory area used for dynamic memory allocation during program execution.
80x86 Register Addressing Mode: Ways in which registers in the 80x86 architecture are accessed and used.
Machine Instruction Characteristics: Description of machine-level instructions and their format.
Types of Operands: Different data types or values used in machine instructions.
The code section: A segment of memory where executable code is stored.
The static section: Memory section storing global variables that persist throughout program execution.
The Read only data section: Memory section for data that cannot be altered during execution.
The Storage Section: Memory section used for dynamically allocated data.
The Var section: A section of memory dedicated to storing variable data.
The Basic Push Instruction: An instruction to place data onto the stack.
The Basic Pop Instruction: An instruction to remove data from the stack.
Dynamic Memory Allocation and the Heap Segment: Managing memory dynamically using heap allocation.
Registers: Small, fast storage locations within the CPU for data processing.
- General-Purpose Registers: Registers used for storing temporary data in computations.
- Special-purpose registers: Registers with specific functions, like program counters and status registers.
- Flags Registers: A register containing bits that represent the status of operations.
- Index Register: A register used to store addresses in array or string manipulation.
- Segment Register: Registers used in segmented memory models to point to memory segments.
- Control Registers: Registers that control the operation of the CPU.
Instruction code handling: How the CPU decodes and processes machine instructions.
Constant Types: Different categories of constant values used in programming.
String and Character Literal Constants: Constants representing text and individual characters.
Modifying val Objects at Arbitrary Points in Your Programs: Techniques for modifying objects at specified points in a program.
Using Pointers in Assembly Language: How pointers are utilized to reference memory locations in assembly.
Declaring Arrays in Your HLA Programs: How to define arrays in High-Level Assembly (HLA).
Accessing Elements of a Single-Dimensional Array: Accessing array elements in assembly programming.
Sorting an Array of Values: Methods for sorting arrays using assembly language techniques.
Record Constants: Data structures for holding related constants.
Unions: A data structure where different data types share the same memory location.
Saving the State of the Machine: Storing the processor’s state to resume execution later.
Local and Global Symbol Types: Variables that are accessible within specific scopes or globally in a program.
Pass by Value: Passing a copy of a variable’s value to a function.
Pass by Reference: Passing a reference to the actual data in memory to a function.
Passing Parameters in Registers: Method of passing parameters using CPU registers.
Passing Parameters on the Stack: Passing function arguments via the stack.
Exceptions: Handling errors or exceptional conditions during program execution.
Interrupts: Mechanism for transferring control to handle external events.

C Hacking Tools

Cryptography

Symmetric Encryption

3DES: A symmetric-key block cipher (Triple DES), which applies the Data Encryption Standard (DES) cipher algorithm three times to each data block.
AES: Symmetric-key block cipher algorithm, widely used for secure and classified data encryption (also known as Rijndael).
Blowfish: A symmetric-key block cipher designed in 1993 by Bruce Schneier, featuring key-dependent S-boxes and a complex key schedule.

Asymmetric Encryption

DH (Diffie-Hellman): A method for securely exchanging cryptographic keys over a public channel, enabling forward secrecy.
ECC (Elliptic Curve Cryptography): Public-key cryptosystems based on the algebraic structure of elliptic curves over finite fields.
RSA: One of the first practical public-key cryptosystems, widely used for secure data transmission.

Transform Encryption

Transform Encryption (Proxy Re-Encryption): A type of encryption that uses three mathematically related keys to transform ciphertext for decryption by different recipients.

Hash Functions

MD5: A widely used hash function producing a 128-bit hash value. It has known vulnerabilities but can still serve as a checksum for data integrity.
SHA1: A cryptographic hash function designed by NSA, producing a 160-bit hash. It's no longer considered secure.
SHA2: A set of hash functions (SHA-256 and SHA-512), providing stronger security compared to SHA-1.
SHA3: Part of the SHA-3 family, designed to resist quantum computer attacks, offering security properties such as collision resistance.

Books on Cryptography

A Graduate Course in Applied Cryptography: A comprehensive book covering various cryptographic constructions.
An Introduction to Mathematical Cryptography: Introduction to modern cryptography principles.
Applied Cryptography: Classic text offering a comprehensive survey of modern cryptography.
Crypto101: An introductory course on cryptography.
Cryptography Engineering: Focuses on building cryptographic protocols in real-world applications.
Handbook of Applied Cryptography: A reference guide for professional cryptographers.
Introduction to Modern Cryptography: A computer science-focused introduction to modern cryptography.
OpenSSL Cookbook: Guide to using OpenSSL in cryptographic applications.
Practical Cryptography for Developers: A developer-friendly guide to modern cryptography with code examples.
Real World Cryptography: Focuses on practical cryptography techniques and their application in systems.
Security Engineering: A textbook on computer security, including cryptography, written by Ross Anderson.
Serious Cryptography: Practical introduction to modern encryption methods.
The Code Book: Covers the history and methods of cryptography, with challenges and solutions.
The Cryptoparty Handbook: Comprehensive guide to various computer and internet security topics.
Understanding Cryptography: A beginner's guide to cryptography with exercises for reinforcement.

DDos Tools

DB2AMP: Exploits DB2 Amplification attacks.
Heartbleed: Leverages the Heartbleed vulnerability in OpenSSL for DDoS attacks.
MDNS: Targets mDNS (Multicast DNS) for amplification.
NETBIOS: Amplifies attacks using NETBIOS service.
NTP: Leverages the Network Time Protocol (NTP) for DDoS.
OVH: Targets OVH servers for massive traffic bursts.
SENTINEL: Specific tool for DDoS attacks.
SNMP: Uses Simple Network Management Protocol (SNMP) to amplify attacks.
SSDP: Exploits SSDP for amplification.
SYN: SYN flood attacks, often used in DoS (Denial of Service).
TS3: Targets TS3 servers for flooding.
UDP: A UDP-based DDoS attack tool.
XMLRPC: Exploits XML-RPC for attack amplification.

DDoS Tools (Code-Based)

ACK: ACK flood attack tool written in C.
ARME: ARME attack simulation in C.
CHARGEN: Exploits the CHARGEN service for DoS.
DNS: DNS-based DDoS tool in C.
DOMINATE: A tool for dominating targeted networks.
DRDOS: Distributed Reflection DoS (DRDoS) in Perl.
TELNET: Telnet flood attack simulation.
SUDP: UDP-based attack tool written in C.
STD: Another DoS tool written in C.
STCP: TCP-based DoS simulation tool in C.
SSYN: SYN flood attack with a slight modification.

Malware Analysis

Malware samples collected for analysis.

Malware Samples & Repositories

Clean MX: A real-time database of malware and malicious domains.
Contagio: A collection of recent malware samples and analyses.
Exploit Database: Provides exploit and shellcode samples.
Infosec - CERT-PA: Malware samples collection and analysis by CERT-PA.
InQuest Labs: An ever-growing searchable corpus of malicious Microsoft documents.
Javascript Malware Collection: Collection of over 40,000 javascript malware samples.
Malpedia: A resource providing rapid identification and actionable context for malware investigations.
Malshare: Large repository of malware actively scraped from malicious sites.
Ragpicker: Plugin-based malware crawler with pre-analysis and reporting functionalities.
theZoo: A collection of live malware samples for analysts.
Tracker h3x: Aggregator for malware corpus tracking and malicious download sites.
vduddu malware repo: Collection of various malware files and source code.
VirusBay: A community-based malware repository and social network.
ViruSign: Malware database detected by many anti-malware programs except ClamAV.
VirusShare: A malware repository, registration required for access.
VX Vault: An active collection of malware samples.
Zeltser's Sources: A curated list of malware sample sources compiled by Lenny Zeltser.
Zeus Source Code: Source code for the Zeus Trojan, leaked in 2011.
VX Underground: A massive and growing collection of free malware samples.

Other Resources

Threat intelligence and IOC resources.

Threat Intelligence Feeds & Blocklists

Autoshun (list): Snort plugin and blocklist for malicious IPs.
Bambenek Consulting Feeds: OSINT feeds based on malicious Domain Generation Algorithms (DGAs).
Fidelis Barncat: A comprehensive malware config database (access requires request).
CI Army (list): Network security blocklists, with a focus on malicious IPs.
Critical Stack - Free Intel Market: Free intel aggregator with over 90 feeds and 1.2M indicators.
Cybercrime Tracker: Tracker for multiple active botnets.
FireEye IOCs: A repository of publicly shared IOCs from FireEye.
FireHOL IP Lists: Analytical tools for 350+ IP lists, focusing on attacks, malware, and abuse.
HoneyDB: Community-driven honeypot sensor data collection and aggregation.
hpfeeds: Honeypot feed protocol.
Infosec - CERT-PA lists: Includes IPs, domains, and URLs blocklists.
InQuest REPdb: Aggregates IOCs from open reputation sources.
InQuest IOCdb: Continuous IOC aggregation from blogs, GitHub repositories, and Twitter.
Internet Storm Center (DShield): A diary and incident database with a web API and unofficial Python library.
malc0de: Searchable database of incident data.
Malware Domain List: Search and share URLs associated with malware.
MetaDefender Threat Intelligence Feed: A feed of the most looked-up file hashes from MetaDefender Cloud.
OpenIOC: Framework for sharing threat intelligence.
Proofpoint Threat Intelligence: Rulesets and intelligence feeds from Proofpoint (formerly Emerging Threats).
Ransomware Overview: A detailed list of ransomware with detection and prevention tips.
STIX - Structured Threat Information eXpression: A standardized language for sharing cyber threat information. Related initiatives include:
- CAPEC - Common Attack Pattern Enumeration and Classification
- CybOX - Cyber Observables eXpression
- MAEC - Malware Attribute Enumeration and Characterization
- TAXII - Trusted Automated eXchange of Indicator Information
SystemLookup: Hosts a collection of lists detailing legitimate and potentially unwanted programs.
ThreatMiner: A data mining portal for threat intelligence, featuring search functionality.
threatRECON: Searchable IOCs with up to 1000 free queries per month.
ThreatShare: C2 panel tracker.
Yara Rules: Repository for Yara rules.
YETI: A platform for organizing observables, IOCs, TTPs, and threat knowledge.
ZeuS Tracker: Blocklists related to the Zeus Trojan.

Documents and Shellcode

*Analyze malicious JS and shellcode from PDFs and Office documents.

Malware Analysis Tools

AnalyzePDF: A tool to analyze PDF files and determine if they are malicious.
box-js: A tool to study JavaScript malware, with support for JScript/WScript and ActiveX emulation.
diStorm: A disassembler used for analyzing malicious shellcode.
InQuest Deep File Inspection: Tool for uploading common malware lures for deep inspection and heuristic analysis.
JS Beautifier: A tool to unpack and deobfuscate JavaScript code.
libemu: A library and tools for emulating x86 shellcode, useful for malware analysis.
malpdfobj: Tool for deconstructing malicious PDFs into a JSON representation.
OfficeMalScanner: A tool for scanning MS Office documents for malicious traces.
olevba: A script for parsing OLE and OpenXML documents to extract useful information, helpful for detecting embedded malware.
Origami PDF: Tool for analyzing malicious PDFs.
PDF Tools: Includes utilities like pdfid and pdf-parser for analyzing PDF files, developed by Didier Stevens.
PDF X-Ray Lite: A backend-free PDF analysis tool, lighter than the full version of PDF X-Ray.
peepdf: A Python tool for investigating possibly malicious PDFs.
QuickSand: A C-based framework for analyzing malware-laden documents, designed to identify exploits in encodings and extract embedded executables.
Spidermonkey: Mozilla's JavaScript engine, used for debugging and analyzing malicious JavaScript.

Network

Analyze network interactions.

Network Traffic Analysis and Malware Detection Tools

Bro (Zeek): A powerful network protocol analyzer, scalable for both file and network protocols, and highly used for network traffic analysis and security monitoring.
BroYara: Integration of Yara rules into Bro (Zeek), allowing for malware detection within network traffic.
CapTipper: Tool for exploring malicious HTTP traffic, used for traffic inspection and analysis.
chopshop: A framework designed for protocol analysis and decoding, useful for capturing and analyzing network traffic.
CloudShark: A web-based tool for packet analysis, providing an interface for examining network traffic and detecting malware.
FakeNet-NG: A next-gen dynamic network analysis tool, useful for malware analysis by emulating network services.
Fiddler: A web debugging proxy that intercepts HTTP and HTTPS traffic for analysis and troubleshooting.
Hale: A botnet C&C monitor, focused on analyzing command and control traffic.
Haka: Open-source security language for describing protocols and applying security policies to live captured traffic.
HTTPReplay: A library for parsing and extracting data from PCAP files, including TLS streams.
INetSim: A network service emulator, useful for setting up a malware lab and emulating services like HTTP, FTP, and DNS.
Laika BOSS: A file-centric malware analysis and intrusion detection system, analyzing file-based threats.
Malcolm: A full packet capture (PCAP) and Zeek log analysis tool suite for network traffic analysis.
Malcom: A malware communications analyzer, focused on detecting malicious network activity.
Maltrail: Malicious traffic detection system using blacklists of malicious IPs and domains with reporting and analysis capabilities.
mitmproxy: An intercepting proxy that allows users to inspect and modify network traffic in real-time.
Moloch: A large-scale IPv4 traffic capturing, indexing, and database system for packet analysis.
NetworkMiner: A network forensic analysis tool that helps in analyzing packet capture (PCAP) files, with a free version available.
ngrep: A network packet analyzer that allows users to search through network traffic using grep-like syntax.
PcapViz: A tool to visualize network traffic and topology from PCAP files.
Python ICAP Yara: An ICAP server with Yara scanning for content and URL analysis, often used for detecting malicious traffic.
Squidmagic: A tool designed for analyzing web-based network traffic to detect C&C servers and malicious sites using the Squid proxy server and Spamhaus.
Tcpdump: A widely used command-line tool for capturing and analyzing network traffic in real-time.
tcpick: A tool to track and reassemble TCP streams from network traffic.
tcpxtract: A tool that extracts files from network traffic.
Wireshark: The most popular network traffic analysis tool, capable of inspecting and analyzing various network protocols.

Memory Forensics

Tools for dissecting malware in memory images or running systems.

Memory Forensics and Malware Analysis Tools

BlackLight: A forensics tool for Windows and macOS supporting analysis of hibernation files, pagefiles, and raw memory. Useful for conducting deep memory analysis on systems.
DAMM: Differential analysis of malware in memory using Volatility. This tool helps to detect and compare changes in memory states before and after malware execution.
evolve: A web interface for the Volatility Memory Forensics Framework, allowing for easier analysis and reporting.
FindAES: A tool that helps identify AES encryption keys within memory dumps, which is useful for decrypting malware or analyzing encrypted data in memory.
inVtero.net: A high-speed memory analysis framework developed in .NET for Windows x64, providing support for code integrity checks and memory writes.
Muninn: Automates portions of memory analysis using Volatility, generating readable reports of the findings.
Orochi: An open-source framework that supports collaborative forensic memory dump analysis, designed for use in team environments.
Rekall: A memory forensics framework that was forked from Volatility in 2013, widely used for memory analysis and incident response.
TotalRecall: A script based on Volatility, designed to automate various tasks in malware analysis and memory forensics.
VolDiff: A tool for running Volatility on memory images taken before and after malware execution, highlighting changes in memory that could indicate malicious activity.
Volatility: One of the most advanced and widely used memory forensics frameworks. It provides powerful tools for analyzing memory dumps, detecting malware, and uncovering forensic evidence.
VolUtility: A web interface for the Volatility Memory Analysis framework, simplifying its use and visualization of memory analysis results.
WDBGARK: A WinDBG extension specifically for detecting rootkits, aiding in live memory inspection for malicious activities.
WinDbg: A debugger for live memory inspection and kernel debugging, often used for in-depth system analysis and reverse engineering malware.

Malware Analysis & Reverse Engineering Books:

Intelligence Driven Incident Response - A guide on building intelligence-driven incident response strategies to improve cybersecurity and threat handling.
Practical Malware Analysis - A comprehensive guide for analyzing and understanding malware, ideal for those starting in the field of malware research.
Reversing: Secrets of Reverse Engineering - A book on reverse engineering techniques, focusing on the process and tools used to analyze and understand software.
Practical Reverse Engineering - A practical guide to reverse engineering techniques, especially for those interested in Windows systems.
Malware Analyst Cookbook - Offers practical recipes for analyzing malicious software, covering analysis of different types of malware.
IDA Pro Book - In-depth guide to using IDA Pro, a popular tool for reverse engineering and malware analysis.
Art of Assembly - A detailed exploration of assembly language programming and its relevance to reverse engineering and exploitation.
The Art of Memory Forensics - A book dedicated to memory forensics and the process of analyzing system memory for evidence of malicious activity.
Windows Internals, Part 1 (6th Edition) - Explains the core concepts behind Windows internals, including system architecture, process management, and security.
Windows Internals, Part 2 (6th Edition) - Continues the explanation of Windows internals, focusing on security, networking, and file systems.
Windows Internals, Part 1 (7th Edition) - Updated edition covering the latest architecture and process management in modern Windows operating systems.
Windows Internals, Part 2 (7th Edition) - Continues the 7th edition series, delving into networking, security, and other advanced topics.
Hacking: The Art of Exploitation - A book that covers exploitation techniques, reverse engineering, and the process of learning to hack.
The Shellcoder's Handbook: Discovering and Exploiting Security Holes - A deep dive into discovering vulnerabilities in software and the techniques behind shellcoding and exploitation.
Rootkits: Subverting the Windows Kernel - A specialized book on rootkits and their operation in Windows systems.
Rootkits and Bootkits - A guide that explores techniques for subverting and manipulating operating systems at the kernel level.
The Cuckoo's Egg: Tracking a Spy Through the Maze of Computer Espionage - A true story of how a systems administrator tracked down a hacker, detailing the techniques used in real-world cyber espionage.
The Rootkit Arsenal: Escape and Evasion in the Dark Corners of the System - Focuses on techniques for creating and detecting rootkits and other stealth malware.
Learning Malware Analysis - A practical guide to learning malware analysis, designed for those interested in investigating malicious software and enhancing their skill set.
Sandworm - A compelling book that investigates the Russian hacker group Sandworm, responsible for a series of sophisticated cyberattacks.

Cheat Sheets/Tables

IDA Cheat Sheet: A quick reference for frequently used IDA Pro commands and shortcuts.
Cheat Sheets: Various IT and cybersecurity-related cheat sheets, from networking to reverse engineering.
File Signatures: A comprehensive list of file signatures for identifying file types.
APT Groups and Operations: Detailed spreadsheet tracking Advanced Persistent Threat (APT) groups and their operations.
Ransomware Overview: Catalog of ransomware families, including indicators of compromise and behavior.
Intel Assembler Code Table: Instruction set reference for Intel assembly language.
ARM Assembly Cheatsheet: A quick guide to basic ARM assembly instructions.
APTnotes: Repository of publicly available documents related to APT activities.
PE 101: Illustrated guide to the Portable Executable (PE) file format.
PDF 101: A deep dive into the structure and quirks of PDF files.
PDF Analysis: Tools and techniques for analyzing PDF documents.
Digital Forensics and Incident Response: Comprehensive DFIR cheat sheet covering common tools and methodologies.

Decoders

CyberChef: A web-based tool for encoding, decoding, and analyzing data.
KevtheHermit RAT Decoders: Scripts for decoding configurations from various Remote Access Trojans (RATs).

Debuggers

OllyDbg: A 32-bit assembler-level debugger for Windows.
Immunity Debugger: A powerful debugger geared toward exploit development.
X64dbg: An open-source x64/x32 debugger for Windows.
Rvmi: Remote debugger for virtual machine introspection.
WinDBG: Microsoft’s debugger for Windows development and analysis.

Disassemblers

IDA Pro: Industry-standard interactive disassembler for reverse engineering.
Binary Ninja: A modern binary analysis platform with a focus on usability.
Radare2: Open-source framework for reverse engineering.
Cutter: A GUI frontend for Radare2.
BinNavi: Binary analysis IDE for exploring code and data structures.
Hopper: A macOS/Linux-based disassembler with decompilation features.
Medusa: Open-source disassembler with a focus on simplicity.
Disassembler.io: Free online disassembler for quick binary analysis.
Ghidra: NSA-developed reverse engineering tool with extensive features.

Static Analysis Tools

PEiD: Detects packers, cryptors, and compilers in PE files.
McAfee FileInsight: Hex editor with scripting capabilities for analyzing malware.
HashMyFiles: Generates file hashes for comparison and verification.
CFF Explorer: PE file editor with advanced analysis tools.
AnalyzePESig: Tool for identifying suspicious digital signatures in PE files.
ByteHist: Visualizes byte-level distribution in binary files.
Exeinfo: Provides detailed metadata for PE files.
Scylla: Imports reconstruction tool for analyzing dumped PE files.
MASTIFF: Automates static analysis of malware.
PEframe: Framework for analyzing PE files for malware indicators.
PEscan: Scans PE files for suspicious characteristics.
PEstudio: Tool for analyzing PE files, detecting anomalies, and unpacking.
PE-Bear: PE file reverse-engineering tool.
PE-sieve: Detects and dumps in-memory PE modifications.
Flare-Floss: Automatically extracts obfuscated strings from malware.
PatchDiff2: Binary diffing tool for comparing patched/unpatched binaries.
PE Insider: Comprehensive PE file analysis toolkit.
Resource Hacker: Editor for viewing, editing, and extracting resources in executables.
DarunGrim: Tool for binary diffing and similarity analysis.
Mal Tindex: Malware indexing and classification tool.
Manalyze: Framework for static analysis of PE files.
PDBlaster: Generates PDB files for stripped binaries.
ImpFuzzy: Calculates fuzzy hashes based on imports for similarity analysis.
Florentino: Static analysis tool focused on script and malware detection.
Viper: A versatile platform for managing and analyzing malware samples.

Text/Hex Editor Tools

Notepad++: A powerful text editor with support for syntax highlighting and plugins.
010 Editor: A professional-grade hex editor with binary templates for file parsing.
HxD: A fast hex editor, disk editor, and RAM editor for Windows.
BinText: A tool to extract readable ASCII and Unicode strings from binary files.
Hexinator: A hex editor with advanced analysis and reverse engineering capabilities.

Threat Intelligence

ThreatMiner: A threat intelligence platform for analyzing malware, domains, and other artifacts.
RiskIQ Community: Platform for exploring internet threats and analyzing malicious activity.
PasteBin: Often used for data leaks and shared threat intelligence.
Shodan: A search engine for internet-connected devices, including vulnerable systems.
Censys: Internet-wide scanning and analysis tool for finding exposed systems.
DNSdumpster: A domain research tool for identifying DNS records and subdomains.
URLHaus: A database of malicious URLs used in malware campaigns.
AlienVault OTX: Open Threat Exchange for collaborative threat intelligence sharing.
C2 Tracker: Tracks command and control (C2) infrastructure used by malware.
MISP: Malware Information Sharing Platform for sharing threat intelligence.
The Hive: Incident response platform with collaborative features.
Yeti: Your Everyday Threat Intelligence tool for managing and enriching indicators.
Using ATT&CK for CTI Training: MITRE ATT&CK-based training for Cyber Threat Intelligence (CTI).
PasteScraper: Automates scraping of PasteBin and similar sites for threat intelligence.

OSINT Tools

Server & Network Tools

Shodan: Search engine for discovering internet-connected devices.
Onyphe: A cyber defense search engine for gathering internet-facing threat data.
Censys: Maps the internet for open ports, vulnerabilities, and services.
Ivre: Network recon and intrusion detection framework.
BGPView: Tool for exploring internet routing and BGP data.
DNSDumpster: A tool for DNS and subdomain reconnaissance.
CertStream: Monitors real-time Certificate Transparency logs for new domain certificates.
Exploit Observer: Tracks known exploits across the internet.
Subdomain Center: Automated subdomain enumeration service.
Malcore: Malware scanning and threat analysis platform.
SearchCode: Source code search engine for vulnerability hunting.
Internet Intelligence: Monitors exposed services, devices, and vulnerabilities.
Criminal IP: Threat intelligence platform focused on vulnerabilities and threat hunting.
GreyNoise: Provides context about internet-wide noise and non-malicious scans.
Arkham Intelligence: Tracks on-chain crypto assets and related threat activities.
WhatsMyName: OSINT username enumeration tool.
DeHashed: Search engine for breached data and credentials.
WhiteIntel: Platform for analyzing threat actor activities.
ManyPasswords: Repository of common password lists for brute-forcing.
DNS History: Historical DNS records lookup tool.
Global Terrorism Catalogue: Dataset tracking global terrorism events.
Public Intelligence: Repository of government and security-related documents.
CINS Army: List of known malicious IPs for threat analysis.
Umbrella List: Cisco Umbrella threat intelligence database.
Malware Bazaar: Repository of malware samples and associated indicators.
War on the Rocks: Articles on cybersecurity, geopolitics, and military strategy.
IntelligenceX: Advanced search engine for public and dark web content.
Counter Extremism: Information on extremist organizations and countermeasures.
MITRE ATT&CK: Knowledge base of adversary tactics, techniques, and procedures (TTPs).
Exploit Alert: A platform tracking active exploits in the wild.

Search & Intelligence Tools

Google: Popular search engine for OSINT and general queries.
IntelX: Advanced search engine for public and dark web data.
URLScan: Scans and visualizes website interactions for analysis.
PublicWWW: Search engine for website source codes.
Searchcode: Source code search engine for vulnerabilities and patterns.
Grep.app: Tool to search open-source code repositories.
Onion Search Engine: Specialized search for .onion sites on the dark web.
Archive.org: Internet Archive for accessing historical versions of web pages.
Spyonweb: Tool to investigate domains by IP addresses or analytics codes.

Threat Intelligence Tools

BinaryEdge: Platform for internet-wide scanning and monitoring.
FOFA: Tool for fingerprinting and asset discovery across the internet.
ZoomEye: Search engine for discovering networked devices and vulnerabilities.
LeakIX: Tracks exposed databases and other leaks online.
GreyNoise: Provides context for background internet noise and scans.
Pulsedive: Platform for enriching and visualizing threat intelligence indicators.
ThreatCrowd: Tool for investigating domains, IPs, and file hashes.
ThreatMiner: Threat analysis tool for malware, domains, and IPs.
SOC Radar: Threat intelligence and attack surface monitoring tool.

Vulnerability & Malware Tools

Vulners: Searchable database of vulnerabilities and exploits.
VulDB: Vulnerability database and advisory platform.
CVE Mitre: Comprehensive resource for Common Vulnerabilities and Exposures (CVEs).
Hybrid Analysis: Malware analysis platform with sandbox features.
MalShare: Repository for malware samples and analysis.

Email & Communication Tools

Hunter.io: Finds email addresses associated with a domain.
Have I Been Pwned: Checks if your email or phone has been part of a data breach.
PassiveTotal: Provides domain and IP intelligence for threat hunting.

Wi-Fi & Network Mapping Tools

WiGLE: Maps Wi-Fi networks and associated geolocations.

Attack Surface Management Tools

Netlas: Monitors exposed assets and provides internet-wide search capabilities.
FullHunt: Platform for attack surface and vulnerability management.
BinaryEdge: Also listed in threat intelligence, focuses on internet-wide scanning and monitoring.

Penetration Testing

Subdomain

subDomainsBrute - A fast sub domain brute tool for pentesters
ksubdomain - Subdomain enumeration tool, asynchronous dns packets, use pcap to scan 1600,000 subdomains in 1 second
Sublist3r - Fast subdomains enumeration tool for penetration testers
OneForAll - OneForAll is a powerful subdomain integration tool
LayerDomainFinder - a subdomains enumeration tool by Layer
ct - Collect information tools about the target domain.
Subfinder - Subfinder is a subdomain discovery tool that discovers valid subdomains for websites. Designed as a passive framework to be useful for bug bounties and safe for penetration testing.
Probable_subdomains - Subdomains analysis and generation tool. Reveal the hidden!
- domains - Generate subdomains and wordlists Online.
MassDNS - High-performance DNS stub resolver targeting those who seek to resolve a massive amount of domain names in the order of millions or even billions.
altdns - Altdns takes in words that could be present in subdomains under a domain (such as test, dev, staging) as well as takes in a list of subdomains that you know of.
dnscan - Fast and lightweight dns bruteforcer with built-in wordlist and zone transfer checks.

Google Hacking

GHDB - Google Hack Database
SearchDiggity - SearchDiggity 3.1 is the primary attack tool of the Google Hacking Diggity Project
Katana - A Python Tool For google Hacking
GooFuzz - GooFuzz is a tool to perform fuzzing with an OSINT approach, managing to enumerate directories, files, subdomains or parameters without leaving evidence on the target's server and by means of advanced Google searches (Google Dorking).
Pagodo - pagodo (Passive Google Dork) - Automate Google Hacking Database scraping and searching .
Google-Dorks - Useful Google Dorks for WebSecurity and Bug Bounty

Github

GitHacker - A Git source leak exploit tool that restores the entire Git repository, including data from stash, for white-box auditing and analysis of developers' mind.
GitGraber - gitGraber is a tool developed in Python3 to monitor GitHub to search and find sensitive data in real time for different online services.
GitMiner - Tool for advanced mining for content on Github.
Gitrob - Reconnaissance tool for GitHub organizations.
GitGot Semi-automated, feedback-driven tool to rapidly search through troves of public data on GitHub for sensitive secrets.
GitDump - A pentesting tool that dumps the source code from .git even when the directory traversal is disabled

Port Scan

Nmap | Zenmap - Free and open source utility for network discovery and security auditing
Masscan - TCP port scanner, spews SYN packets asynchronously
Ports - Common service ports and exploitations
Goby - Attack surface mapping
- Gobyu-POC - The POC of Goby .
Goscan - Interactive Network Scanner
NimScan - Fast Port Scanner
RustScan - The Modern Port Scanner
TXPortMap - Port Scanner & Banner Identify From TianXiang
Scaninfo - fast scan for redtools
SX - Fast, modern, easy-to-use network scanner
Yujianportscan A Fast Port Scanner GUI Tools Build by VB.NET + IOCP
Naabu - A fast port scanner written in go with a focus on reliability and simplicity.

Phishing

gophish - Open-Source Phishing Toolkit
AdvPhishing - This is Advance Phishing Tool ! OTP PHISHING
SocialFish - Educational Phishing Tool & Information Collector
Zphisher - An automated phishing tool with 30+ templates. This Tool is made for educational purpose only ! Author will not be responsible for any misuse of this toolkit !
Nexphisher - Advanced Phishing tool for Linux & Termux

Vulnerability Scanner

Struts-Scan - Struts2 vulnerability detection and utilization tools
Nikto - Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items
W3af - Web application attack and audit framework, the open source web vulnerability scanner
Openvas - The world's most advanced Open Source vulnerability scanner and manager
- Openvas Docker
Archery - Open Source Vulnerability Assessment and Management helps developers and pentesters to perform scans and manage vulnerabilities
Taipan - Web application vulnerability scanner
Arachni - Web Application Security Scanner Framework
Nuclei - Fast and customizable vulnerability scanner based on simple YAML based DSL.
Xray - A passive-vulnerability-scanner Tool.
Super-Xray - Web Vulnerability Scanner XRAY GUI Starter
SiteScan - AllinOne Website Information Gathering Tools for pentest.
Banli - High-risk asset identification and high-risk vulnerability scanner.
vscan - Open Source Vulnerability Scanner.
Wapiti - Web vulnerability scanner written in Python3.
Scaninfo - fast scan for redtools
osv-scanner - Vulnerability scanner written in Go which uses the data provided by https://osv.dev
Afrog - A Vulnerability Scanning Tools For Penetration Testing
OpalOPC - A vulnerability and misconfiguration scanner for OPC UA applications

CMS & Framwork Identification

AngelSword - CMS vulnerability detection framework
WhatWeb - Next generation web scanner
Wappalyzer - Cross-platform utility that uncovers the technologies used on websites
Whatruns - A free browser extension that helps you identify technologies used on any website at the click of a button (Just for chrome)
WhatCMS - CMS Detection and Exploit Kit based on Whatcms.org API
CMSeeK - CMS Detection and Exploitation suite - Scan WordPress, Joomla, Drupal and over 180 other CMSs
EHole - CMS Detection for RedTeam
ObserverWard - Cross platform community web fingerprint identification tool
- FingerprintHub - The Database of ObserverWard
Yunsee - Online website for to find the CMS footprint
Bugscaner - A simple online fingerprint identification system that supports hundreds of cms source code recognition
WhatCMS online - CMS Detection and Exploit Kit website Whatcms.org
TideFinger - Fingerprinter Tool from TideSec Team
360finger-p - Fingerprinter Tool from 360 Team

Web Applications Proxies

Burpsuite - Burpsuite is a graphical tool for testing Web application security
ZAP One of the world’s most popular free security tools
Mitmproxy - An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.
Broxy - An HTTP/HTTPS intercept proxy written in Go.
Hetty - An HTTP toolkit for security research.
Proxify - Swiss Army knife Proxy tool for HTTP/HTTPS traffic capture, manipulation, and replay on the go.

Web Crawlers & Directory Brute Force

Dirbrute - Multi-thread WEB directory blasting tool (with dics inside)
Dirb - DIRB is a Web Content Scanner. It looks for existing (and/or hidden) Web Objects. It basically works by launching a dictionary based attack against a web server and analyzing the responses.
ffuf - Fast web fuzzer written in Go.
Dirbuster - DirBuster is a multi threaded java application designed to brute force directories and files names on web/application servers.
Dirsearch - Web path scanner.
Gobuster Directory/File, DNS and VHost busting tool written in Go.
WebPathBrute - Web path Bruter.
wfuzz - Web application fuzzer
Dirmap - An advanced web directory & file scanning tool that will be more powerful than DirBuster, Dirsearch, cansina, and Yu Jian.
YJdirscan - Yujian dirscan Gui Pro

Docker Scanners

Fuxi-Scanner - open source network security vulnerability scanner, it comes with multiple functions.
Xunfeng - The patrol is a rapid emergency response and cruise scanning system for enterprise intranets.
WebMap - Nmap Web Dashboard and Reporting.
Pentest-Collaboration-Framework - Opensource, cross-platform and portable toolkit for automating routine processes when carrying out various works for testing!

Password Attacks

Hydra - Hydra is a parallelized login cracker which supports numerous protocols to attack
Medusa - Medusa is intended to be a speedy, massively parallel, modular, login brute-forcer
Sparta - Network Infrastructure Penetration Testing Tool.
Hashcat - World's fastest and most advanced password recovery utility
Patator - Patator is a multi-purpose brute-forcer, with a modular design and a flexible usage.
HackBrowserDat - Decrypt passwords/cookies/history/bookmarks from the browser
John - John the Ripper jumbo - advanced offline password cracker, which supports hundreds of hash and cipher types, and runs on many operating systems, CPUs, GPUs, and even some FPGAs.
crowbar - brute forcing tool that can be used during penetration tests. Supports OpenVPN, RDP (with NLA), ssh and VNC.

Wordlists

wordlists - Real-world infosec wordlists, updated regularly
psudohash - Password list generator that focuses on keywords mutated by commonly used password creation patterns
wister - A wordlist generator tool, that allows you to supply a set of words, giving you the possibility to craft multiple variations from the given words, creating a unique and ideal wordlist to use regarding a specific target.
Rockyou - wordlists packaging for Kali Linux.
Weakpass - For any kind of bruteforce find wordlists.

Wireless Tools

Fern Wifi cracker - Fern-Wifi-Cracker is designed to be used in testing and discovering flaws in ones own network with the aim of fixing the flaws detected
EAPHammer - EAPHammer is a toolkit for performing targeted evil twin attacks against WPA2-Enterprise networks.
Wifite2 - Wifite is designed to use all known methods for retrieving the password of a wireless access point.
JackIt - Implementation of Bastille's MouseJack exploit. Easy entry point through wireless keyboards and mices during redteam engagement.

Cross-site Scripting (XSS)

BeeF - The Browser Exploitation Framework Project
BlueLotus_XSSReceiver - XSS Receiver platform without SQL
XSStrike - Most advanced XSS scanner.
xssor2 - XSS'OR - Hack with JavaScript.
Xsser-Varbaek - From XSS to RCE 2.75 - Black Hat Europe Arsenal 2017 + Extras
Xsser-Epsylon - Cross Site "Scripter" (aka XSSer) is an automatic framework to detect, exploit and report XSS vulnerabilities in web-based applications.
Xenotix - An advanced Cross Site Scripting (XSS) vulnerability detection and exploitation framework
PwnXSS - PwnXSS: Vulnerability (XSS) scanner exploit
dalfox - DalFox is an powerful open source XSS scanning tool and parameter analyzer, utility
ezXSS - ezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.

Sql Injection

Sqlmap - Automatic SQL injection and database takeover tool
SSQLInjection - SSQLInjection is a SQL injection tool , support Access/MySQL/SQLServer/Oracle/PostgreSQL/DB2/SQLite/Informix Database.
Jsql-injection - jSQL Injection is a Java application for automatic SQL database injection.
NoSQLMap - Automated NoSQL database enumeration and web application exploitation tool.
Sqlmate - A friend of SQLmap which will do what you always expected from SQLmap
SQLiScanner - Automatic SQL injection with Charles and sqlmap api
sql-injection-payload-list - SQL Injection Payload List
Advanced-SQL-Injection-Cheatsheet - A cheat sheet that contains advanced queries for SQL Injection of all types.

Exploit Framework

POC-T - Pentest Over Concurrent Toolkit
Pocsuite3 - pocsuite3 is an open-sourced remote vulnerability testing framework developed by the Knownsec 404 Team.
Metasploit - The world’s most used penetration testing framework
Venom - Shellcode generator/compiler/handler (metasploit)
Empire - Empire is a PowerShell and Python post-exploitation agent
Starkiller - Starkiller is a Frontend for PowerShell Empire.
Koadic - Koadic C3 COM Command & Control - JScript RAT
Viper - metasploit-framework UI manager Tools
MSFvenom-gui - gui tool to create normal payload by msfvenom
MYExploit - A GUI Tools for Scanning OA vulnerabilities
ronin-exploits - A Ruby micro-framework for writing and running exploits and payloads.

Sniffing & Spoofing

WireShark - Wireshark is a network traffic analyzer, or "sniffer", for Unix and Unix-like operating systems.
Cain & abel - Cain & Abel is a password recovery tool for Microsoft Operating Systems.
Responder - Responder is an LLMNR, NBT-NS and MDNS poisoner.
bettercap - ARP, DNS, NDP and DHCPv6 spoofers for MITM attacks on IPv4 and IPv6 based networks
EvilFOCA - Evil Foca is a tool for security pentesters and auditors whose purpose it is to test security in IPv4 and IPv6 data networks.

Shell

Goshell - Generate reverse shells in command line with Go !
Print-My-Shell - Python script wrote to automate the process of generating various reverse shells.
Reverse-shell-generator - Hosted Reverse Shell generator with a ton of functionality. -- (Great for CTFs)
Girsh - Automatically spawn a reverse shell fully interactive for Linux or Windows victim
Blueshell - Generate a reverse shells for RedTeam
Clink - Powerful Bash-style command line editing for cmd.exe
Natpass - A new RAT Tools, Support Web VNC and Webshell
Platypus - A modern multiple reverse shell sessions manager written in go
shells - Script for generating revshells
Reverse_ssh - SSH based reverse shell
Hoaxshell - A Windows reverse shell payload generator and handler that abuses the http(s) protocol to establish a beacon-like reverse shell.

Listener

Netcat - Netcat is a featured networking utility which reads and writes data across network connections, using the TCP/IP protocol.
Rustcat - Rustcat(rcat) - The modern Port listener and Reverse shell.
Rlwrap - A readline wrapper.
Pwncat - Fancy reverse and bind shell handler.
Powercat - netshell features all in version 2 powershell.
Socat - Socat is a flexible, multi-purpose relay tool.

Web Shell

Chopper

Tips: The tool comes from the network, no backdoor verification, please choose it on yourself......

Link: https://pan.baidu.com/s/1VnXkoQU-srSllG6JaY0nTA Password: v71d

AntSword : Document - AntSword is a cross-platform website management toolkit
CKnife - The cross platform webshell tool in java

Tips: The tool comes from the network, no backdoor verification, please choose it on yourself......

Link: https://pan.baidu.com/s/1QZrnWU7DUuJhiXl7u1kELw Password: hjrh

Behinder - dynamic binary encryption webshell management client
Godzilla - a Java tool to encrypt network traffic
Skyscorpion - Modified version of Behinder.
PyShell - Multiplatform Python WebShell.
Weevely3 - Weaponized web shell.
Bantam - A PHP backdoor management and generation tool/C2 featuring end to end encrypted payload streaming designed to bypass WAF, IDS, SIEM systems.
Awsome-Webshells - Collection of reverse shells.
php-reverse-shell - Simple php reverse shell implemented using binary.
Webshell_Generate - Generate kind of Webshells bypass AV

Vulnerability application

DVWA - Damn Vulnerable Web Application (DVWA)
WebGoat - WebGoat is a deliberately insecure web application maintained by OWASP designed to teach web application security lessons
DSVW - DSVW is a deliberately vulnerable web application written in under 100 lines of code, created for educational purposes
DVWS - Damn Vulnerable Web Services is an insecure web application with multiple vulnerable web service components that can be used to learn real world web service vulnerabilities
XVWA - XVWA is a badly coded web application written in PHP/MySQL that helps security enthusiasts to learn application security
BWAPP - A buggy web application whit more than 100 vulnerabilities
Sqli-lab - SQLI labs to test error based, Blind boolean based, Time based
HackMe-SQL-Injection-Challenges - Hack your friend's online MMORPG game - specific focus, sql injection opportunities
XSS-labs - Small set of scripts to practice exploit XSS and CSRF vulnerabilities
SSRF-lab - Lab for exploring SSRF vulnerabilities
SSRF_Vulnerable_Lab - This Lab contain the sample codes which are vulnerable to Server-Side Request Forgery attack
LFI-labs - Small set of PHP scripts to practice exploiting LFI, RFI and CMD injection vulns
Commix-testbed - A collection of web pages, vulnerable to command injection flaws
File-Upload-Lab - Damn Vulnerable File Upload V 1.1
Upload-labs - A summary of all types of uploading vulnerabilities for you
XXE-Lab - A XXE vulnerability Demo containing language versions such as PHP, Java, python, C#, etc
Vulnerable-Flask-App - Erlik2 Vulnerable-Flask-App provided by anil-yelken.

CTF challenges

Vulnhub - VulnHub provides materials allowing anyone to gain practical hands-on experience with digital security, computer applications and network administration
TryHackMe - TryHackMe is a free online platform for learning cyber security, using hands-on exercises and labs, all through your browser!
Hackthebox - Hack The Box is a massive, online cybersecurity training platform, allowing individuals, companies, universities and all kinds of organizations around the world to level up their hacking skills.
Root Me - Root Me allows everyone to test and improve their knowledge in computer security and hacking.
Pentestit - Penetration testing laboratories "Test lab" emulate an IT infrastructure of real companies and are created for a legal pen testing and improving penetration testing skills
Pentesterlab - Learn Web Penetration Testing: The Right Way
Cyberseclabs - At CyberSecLabs, we aim to provide secure, high-quality training services that allow information security students the opportunity to safely learn and practice penetration testing skills.
Web Security Academy - Free, online web security training from the creators of Burp Suite
Vulnmachines - A place to learn and improve penetration testing/ethical hacking skills for FREE

Name		Name	Last commit message	Last commit date
Latest commit History 697 Commits
.github		.github
.idea		.idea
Android		Android
Assembly language		Assembly language
C Hacking Tools		C Hacking Tools
Cryptography		Cryptography
DDoS		DDoS
Google Dorks		Google Dorks
Hacking Questions		Hacking Questions
Malwares		Malwares
Nmap		Nmap
OSINT		OSINT
Open SSL		Open SSL
Operating System Security		Operating System Security
Payloads/Payloads TXT		Payloads/Payloads TXT
Penetration Testing		Penetration Testing
Python		Python
Random Tools		Random Tools
Ransomware		Ransomware
Reverse Engineering		Reverse Engineering
Ruby hacking tools		Ruby hacking tools
Rust for Hacking		Rust for Hacking
SQL Injection		SQL Injection
Shodan		Shodan
Steganography		Steganography
Tor		Tor
Virus		Virus
Vulnerabilities		Vulnerabilities
Worms		Worms
XSS		XSS
CODE_OF_CONDUCT.md		CODE_OF_CONDUCT.md
CONTRIBUTING.md		CONTRIBUTING.md
LICENSE.md		LICENSE.md
README.md		README.md
SECURITY.md		SECURITY.md

License

aw-junaid/Hacking-Tools

Folders and files

Latest commit

History

Repository files navigation

Hacking Tools Repository

Connect With Me

💰 You can help me by Donating

Table of Content

Android Malware:

Assembly Language

Introduction

Arithmetic and Logic

Memory and Registers

C Hacking Tools

Cryptography

Symmetric Encryption

Asymmetric Encryption

Transform Encryption

Hash Functions

Books on Cryptography

DDos Tools

DDoS Tools (Code-Based)

Malware Analysis

Malware Samples & Repositories

Other Resources

Threat Intelligence Feeds & Blocklists

Documents and Shellcode

Malware Analysis Tools

Network

Network Traffic Analysis and Malware Detection Tools

Memory Forensics

Memory Forensics and Malware Analysis Tools

Malware Analysis & Reverse Engineering Books:

Cheat Sheets/Tables

Decoders

Debuggers

Disassemblers

Static Analysis Tools

Text/Hex Editor Tools

Threat Intelligence

OSINT Tools

Server & Network Tools

Search & Intelligence Tools

Threat Intelligence Tools

Vulnerability & Malware Tools

Email & Communication Tools

Wi-Fi & Network Mapping Tools

Attack Surface Management Tools

Penetration Testing

Subdomain

Google Hacking

Github

Port Scan

Phishing

Vulnerability Scanner

CMS & Framwork Identification

Web Applications Proxies

Web Crawlers & Directory Brute Force

Docker Scanners

Password Attacks

Wordlists

Wireless Tools

Cross-site Scripting (XSS)

Sql Injection

Exploit Framework

Sniffing & Spoofing

Shell

Listener

Web Shell

Vulnerability application

CTF challenges

About

Topics

Resources

License

Code of conduct

Security policy

Stars

Packages